4 matches found
CVE-2026-56675
9router prior to version 0.5.2 validates loopback requests as trusted, allowing unauthenticated access to /v1/* endpoints when a reverse proxy on localhost (127.0.0.1) forwards traffic. A remote attacker could reach /v1 APIs (e.g., /v1/models) without an API key, potentially abusing configured up...
Linux Distros Unpatched Vulnerability : CVE-2021-20199
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remote hosts. This impacts containerized...
SUSE CVE-2021-20199
Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remote hosts. This impacts containerized applications that trust localhost 127.0.01 connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards...
DEBIAN-CVE-2021-20199
Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remote hosts. This impacts containerized applications that trust localhost 127.0.01 connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards...