Lucene search
K

764 matches found

Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.8 views

PT-2026-31697

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.18, 10.1.0-M1 through 10.1.52, 9.0.0.M23 through 9.0.115, and 8.5.30 through 8.5.100. Description An open redirect issue exists in Apache Tomcat due to a flaw in the LoadBalancerDrainingValve. This...

9.1CVSS5.8AI score0.15831EPSS
Exploits6References84
Snyk
Snyk
added 2026/03/18 4:41 a.m.1 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:41 a.m.7 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:41 a.m.4 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:41 a.m.4 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:41 a.m.6 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:41 a.m.4 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:41 a.m.4 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:41 a.m.4 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:41 a.m.4 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:41 a.m.5 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:41 a.m.5 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:41 a.m.4 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:41 a.m.4 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:41 a.m.8 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/18 4:41 a.m.9 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...

7.1CVSS6AI score0.00297EPSS
Exploits1References2
NVD
NVD
added 2026/03/18 4:17 a.m.7 views

CVE-2026-32254

Kube-router is a turnkey solution for Kubernetes networking. Prior to version 2.8.0, Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node's network configuration. Version 2.8.0 contains a patch for the issue. Available workarounds...

7.1CVSS0.00297EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/18 3:14 a.m.8 views

CVE-2026-32254

Kube-router is a turnkey solution for Kubernetes networking. Prior to version 2.8.0, Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node's network configuration. Version 2.8.0 contains a patch for the issue. Available workarounds...

7.1CVSS5.8AI score0.00297EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/03/18 3:14 a.m.34 views

CVE-2026-32254

CVE-2026-32254 (Kube-router) affects the kube-router proxy module in Kubernetes networking before version 2.8.0, where ExternalIPs and LoadBalancer IPs are not validated before being programmed into node network configurations. This can enable cluster-wide traffic hijacking and DNS DoS if malicio...

7.1CVSS5.8AI score0.00297EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/03/18 3:14 a.m.35 views

CVE-2026-32254 Kube-router Proxy Module Blindly Trusts ExternalIPs/LoadBalancer IPs Enabling Cluster-Wide Traffic Hijacking and DNS DoS

Kube-router is a turnkey solution for Kubernetes networking. Prior to version 2.8.0, Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node's network configuration. Version 2.8.0 contains a patch for the issue. Available workarounds...

7.1CVSS0.00297EPSS
Exploits1References3
Rows per page
Query Builder