Lucene search
K

28 matches found

AlpineLinux
AlpineLinux
added 2026/07/06 8:27 p.m.9 views

CVE-2026-54765

Traefik is an open source HTTP reverse proxy and load balancer. From v3.7.0 prior to v3.7.6, Traefik's Kubernetes Gateway API provider may resolve two accepted HTTPRoutes that target the same backend Service:port but configure different backendRef filters to the same child service and apply only...

8.5CVSS5.9AI score0.00346EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.20 views

PT-2026-56012

Name of the Vulnerable Software and Affected Versions Traefik versions 3.7.0 through 3.7.5 Description Traefik's Kubernetes Gateway API provider may incorrectly resolve two accepted HTTPRoutes that target the same backend Service:port but use different backendRef filters for the same child servic...

8.5CVSS5.9AI score0.00346EPSS
Exploits0References17
ATTACKERKB
ATTACKERKB
added 2026/06/23 7:15 p.m.4 views

CVE-2026-54761

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlis...

6CVSS5.9AI score0.00318EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2026/06/23 7:15 p.m.2 views

CVE-2026-54761 Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlis...

6CVSS6AI score0.00318EPSS
Exploits2References5
OSV
OSV
added 2026/06/17 2:1 p.m.8 views

GHSA-3G6V-2R68-PRFC Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services

Summary There is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlist against the target backendRef.namespace instead of the route's own...

6CVSS5.2AI score0.00318EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-2669

Malicious code in bioql PyPI...

7.2CVSS4.7AI score0.00573EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-1875

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00305EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/09/11 9:11 a.m.26 views

CVE-2024-42486

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In versions on the 1.15.x branch prior to 1.15.8 and the 1.16.x branch prior to 1.16.1, ReferenceGrant changes are not correctly propagated in Cilium's GatewayAPI controller, which could lead to Gateway...

7.2CVSS7.2AI score0.00573EPSS
Exploits0References1
OSV
OSV
added 2024/08/20 7:20 a.m.8 views

BIT-HUBBLE-RELAY-2024-42486 Cilium vulnerable to information leakage via incorrect ReferenceGrant update logic in Gateway API

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In versions on the 1.15.x branch prior to 1.15.8 and the 1.16.x branch prior to 1.16.1, ReferenceGrant changes are not correctly propagated in Cilium's GatewayAPI controller, which could lead to Gateway...

7.2CVSS4.6AI score0.00573EPSS
Exploits0References4
OSV
OSV
added 2024/08/20 7:17 a.m.80 views

BIT-CILIUM-2024-42486 Cilium vulnerable to information leakage via incorrect ReferenceGrant update logic in Gateway API

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In versions on the 1.15.x branch prior to 1.15.8 and the 1.16.x branch prior to 1.16.1, ReferenceGrant changes are not correctly propagated in Cilium's GatewayAPI controller, which could lead to Gateway...

7.2CVSS4.6AI score0.00573EPSS
Exploits0References4
OSV
OSV
added 2024/08/20 7:17 a.m.11 views

BIT-CILIUM-OPERATOR-2024-42486 Cilium vulnerable to information leakage via incorrect ReferenceGrant update logic in Gateway API

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In versions on the 1.15.x branch prior to 1.15.8 and the 1.16.x branch prior to 1.16.1, ReferenceGrant changes are not correctly propagated in Cilium's GatewayAPI controller, which could lead to Gateway...

7.2CVSS4.6AI score0.00573EPSS
Exploits0References4
OSV
OSV
added 2024/08/19 5:26 p.m.16 views

GO-2024-3074 Cilium leaks information via incorrect ReferenceGrant update logic in Gateway API in github.com/cilium/cilium

Cilium leaks information via incorrect ReferenceGrant update logic in Gateway API in github.com/cilium/cilium...

7.2CVSS4.6AI score0.00573EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2024/08/16 6:45 p.m.32 views

Cilium leaks information via incorrect ReferenceGrant update logic in Gateway API

Impact Due to ReferenceGrant changes not being immediately propagated in Cilium's GatewayAPI controller, Gateway resources are able to access secrets in other namespaces after the associated ReferenceGrant has been revoked. This can lead to Gateways continuing to establish sessions using secrets...

7.2CVSS6.7AI score0.00573EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2024/08/16 6:45 p.m.10 views

GHSA-VWF8-Q6FW-4WCM Cilium leaks information via incorrect ReferenceGrant update logic in Gateway API

Impact Due to ReferenceGrant changes not being immediately propagated in Cilium's GatewayAPI controller, Gateway resources are able to access secrets in other namespaces after the associated ReferenceGrant has been revoked. This can lead to Gateways continuing to establish sessions using secrets...

5.4CVSS4.6AI score0.00573EPSS
Exploits0References7
NVD
NVD
added 2024/08/16 3:15 p.m.35 views

CVE-2024-42486

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In versions on the 1.15.x branch prior to 1.15.8 and the 1.16.x branch prior to 1.16.1, ReferenceGrant changes are not correctly propagated in Cilium's GatewayAPI controller, which could lead to Gateway...

7.2CVSS0.00573EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/08/16 2:34 p.m.19 views

CVE-2024-42486 Cilium vulnerable to information leakage via incorrect ReferenceGrant update logic in Gateway API

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In versions on the 1.15.x branch prior to 1.15.8 and the 1.16.x branch prior to 1.16.1, ReferenceGrant changes are not correctly propagated in Cilium's GatewayAPI controller, which could lead to Gateway...

5.4CVSS7.1AI score0.00573EPSS
Exploits0References3
CVE
CVE
added 2024/08/16 2:34 p.m.311 views

CVE-2024-42486

CVE-2024-42486 affects Cilium (1.15.x before 1.15.8 and 1.16.x before 1.16.1). The vulnerability arises from ReferenceGrant changes not being propagated correctly in Cilium’s GatewayAPI controller, potentially allowing Gateway resources to access secrets longer than intended or enabling Routes to...

7.2CVSS5.5AI score0.00573EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/08/16 2:34 p.m.16 views

CVE-2024-42486 Cilium vulnerable to information leakage via incorrect ReferenceGrant update logic in Gateway API

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In versions on the 1.15.x branch prior to 1.15.8 and the 1.16.x branch prior to 1.16.1, ReferenceGrant changes are not correctly propagated in Cilium's GatewayAPI controller, which could lead to Gateway...

5.4CVSS4.5AI score0.00573EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/08/16 12:0 a.m.4 views

Cilium 安全漏洞

Cilium is an open source software from Cilium Open Source. It is used to provide and transparently secure network connectivity and load balancing between application workloads, such as application containers or processes. A security vulnerability exists in Cilium versions 1.15.0 through prior to...

7.2CVSS4.6AI score0.00573EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/08/16 12:0 a.m.3 views

PT-2024-29983 · Cilium · Cilium

Name of the Vulnerable Software and Affected Versions: Cilium versions 1.15.x through 1.15.7 Cilium version 1.16.0 Description: The issue arises from incorrect propagation of ReferenceGrant changes in Cilium's GatewayAPI controller. This could lead to Gateway resources accessing secrets for longe...

5.4CVSS6.8AI score0.00573EPSS
Exploits0References16
Rows per page
Query Builder