99 matches found
GO-2026-5128 Traefik Kubernetes Ingress NGINX provider fails open when auth-secret resolution fails in github.com/traefik/traefik
Traefik Kubernetes Ingress NGINX provider fails open when auth-secret resolution fails in github.com/traefik/traefik...
CVE-2026-54762
Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes Ingress NGINX provider that causes affected routes to fail open. When an Ingress explicitly enables BasicAuth or DigestAuth through the supported...
CVE-2026-54762 Traefik Kubernetes Ingress NGINX provider fails open when auth-secret resolution fails
Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes Ingress NGINX provider that causes affected routes to fail open. When an Ingress explicitly enables BasicAuth or DigestAuth through the supported...
CVE-2026-54762
Traefik’s Kubernetes Ingress NGINX provider (versions 3.7.0-ea.1 through 3.7.5) contains a medium-severity fail-open vulnerability: if an Ingress enables BasicAuth or DigestAuth but the referenced auth-secret cannot be resolved or parsed, Traefik logs an error, skips installing the authentication...
Traefik Kubernetes Ingress NGINX provider fails open when auth-secret resolution fails
Summary There is a medium severity vulnerability in Traefik's Kubernetes Ingress NGINX provider that causes affected routes to fail open. When an Ingress explicitly enables BasicAuth or DigestAuth through the supported nginx.ingress.kubernetes.io/auth-type and auth-secret annotations, but the...
PT-2026-51068
Name of the Vulnerable Software and Affected Versions Traefik versions 3.7.0-ea.1 through 3.7.4 Description A fail-open authentication issue exists in the Kubernetes Ingress NGINX provider. When an Ingress explicitly enables BasicAuth or DigestAuth using the nginx.ingress.kubernetes.io/auth-type...
CVE-2026-33814 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-5
CVE-2026-33814 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-5. A patched version of the package is available...
CVE-2026-27136 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-4
CVE-2026-27136 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-4. A patched version of the package is available...
CVE-2026-42506 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-4
CVE-2026-42506 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-4. A patched version of the package is available...
CVE-2026-42502 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-4
CVE-2026-42502 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-4. A patched version of the package is available...
CVE-2026-25680 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-4
CVE-2026-25680 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-4. A patched version of the package is available...
CVE-2026-25681 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-4
CVE-2026-25681 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-4. A patched version of the package is available...
Exploit for CVE-2026-42945
NGINX Rift — CVE-2026-42945 Vulnerability Scanning and Verific...
Insertion of Sensitive Information Into Sent Data
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the diagnostics endpoint. An attacker can obtain sensitive secret-backed plugin configuration data by accessing this endpoint. Remediation There is no fixed version for...
Insertion of Sensitive Information Into Sent Data
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the diagnostics endpoint. An attacker can obtain sensitive secret-backed plugin configuration data by accessing this endpoint. Remediation Upgrade...
ROS-20260429-73-0040
A vulnerability in the incoming traffic controller in the Kubernetes ingress-nginx cluster is related to flaws in the input validation mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260429-73-0041
A vulnerability in the incoming traffic controller in a Kubernetes ingress-nginx cluster is related to insufficient input validation. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
EUVD-2026-25280
Contour has Lua code injection via Cookie Path Rewrite Policy...
Improper Encoding or Escaping of Output
Overview Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output through the Kubernetes Ingress and Knative provider buildRule/buildHostRule processes in the pkg/provider/kubernetes/ingress and pkg/provider/kubernetes/knative components. An attacker can bypass...
Improper Encoding or Escaping of Output
Overview Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output through the Kubernetes Ingress and Knative provider buildRule/buildHostRule processes in the pkg/provider/kubernetes/ingress and pkg/provider/kubernetes/knative components. An attacker can bypass...