130 matches found
GHSA-G3XR-5W5J-W4Q4 Contour has Improper JWT Verification for Non-SNI Requests on Virtual Hosts with Fallback Certificate Enabled
Impact When an HTTPProxy is configured with incompatible combination of both .spec.virtualhost.tls.enableFallbackCertificate: true and .spec.virtualhost.jwtProviders, Contour does not reject the configuration. Consequently, requests from clients that do not send TLS SNI or send an unrecognized SN...
PT-2026-55460
Name of the Vulnerable Software and Affected Versions Contour versions prior to 1.33.5 Description An issue exists when an HTTPProxy is configured with both .spec.virtualhost.tls.enableFallbackCertificate: true and .spec.virtualhost.jwtProviders. In this scenario, the system fails to reject the...
GO-2026-5738 Contour has Lua code injection via Cookie Path Rewrite Policy in github.com/projectcontour/contour
Contour has Lua code injection via Cookie Path Rewrite Policy in github.com/projectcontour/contour...
FreeType Contour Boundary Validation Utility
This is a FreeType contour boundary validation utility for detecting indexing and integer-limit risks. It implements a validation routine for detecting unsafe contour metadata conditions by evaluating contour counts and index boundaries against expected limits...
BIT-CONTOUR-2026-41246 Contour: Lua code injection via Cookie Path Rewrite Policy
Contour is a Kubernetes ingress controller using Envoy proxy. From v1.19.0 to before v1.33.4, v1.32.5, and v1.31.6, Contour's Cookie Rewriting feature is vulnerable to Lua code injection. An attacker with RBAC permissions to create or modify HTTPProxy resources can craft a malicious value in...
EUVD-2026-25280
Contour has Lua code injection via Cookie Path Rewrite Policy...
Contour has Lua code injection via Cookie Path Rewrite Policy
Impact Contour's Cookie Rewriting feature is vulnerable to Lua code injection. An attacker with RBAC permissions to create or modify HTTPProxy resources can craft a malicious value in the following fields that results in arbitrary code execution in the Envoy proxy: -...
CVE-2026-41246
A flaw was found in Contour, a Kubernetes ingress controller. An attacker with Role-Based Access Control RBAC permissions to manage HTTPProxy resources can exploit a Lua code injection vulnerability within Contour's Cookie Rewriting feature. By crafting a malicious value in specific configuration...
CVE-2026-41246
Contour is a Kubernetes ingress controller using Envoy proxy. From v1.19.0 to before v1.33.4, v1.32.5, and v1.31.6, Contour's Cookie Rewriting feature is vulnerable to Lua code injection. An attacker with RBAC permissions to create or modify HTTPProxy resources can craft a malicious value in...
CVE-2026-41246
Contour is a Kubernetes ingress controller using Envoy proxy. From v1.19.0 to before v1.33.4, v1.32.5, and v1.31.6, Contour's Cookie Rewriting feature is vulnerable to Lua code injection. An attacker with RBAC permissions to create or modify HTTPProxy resources can craft a malicious value in...
CVE-2026-41246 Contour: Lua code injection via Cookie Path Rewrite Policy
Contour is a Kubernetes ingress controller using Envoy proxy. From v1.19.0 to before v1.33.4, v1.32.5, and v1.31.6, Contour's Cookie Rewriting feature is vulnerable to Lua code injection. An attacker with RBAC permissions to create or modify HTTPProxy resources can craft a malicious value in...
CVE-2026-41246 Contour: Lua code injection via Cookie Path Rewrite Policy
Contour is a Kubernetes ingress controller using Envoy proxy. From v1.19.0 to before v1.33.4, v1.32.5, and v1.31.6, Contour's Cookie Rewriting feature is vulnerable to Lua code injection. An attacker with RBAC permissions to create or modify HTTPProxy resources can craft a malicious value in...
CVE-2026-41246
Contour’s Cookie Rewriting feature (Envoy Lua filter) is vulnerable to Lua code injection from v1.19.0 up to before v1.33.4, v1.32.5, and v1.31.6. An attacker with RBAC to create/modify HTTPProxy resources can inject values into spec.routes[].cookieRewritePolicies[].pathRewrite.value (or services...
PT-2026-34726
Name of the Vulnerable Software and Affected Versions Contour versions 1.19.0 through 1.31.5 Contour versions 1.32.0 through 1.32.4 Contour versions 1.33.0 through 1.33.3 Description The Cookie Rewriting feature is susceptible to Lua code injection. An attacker with RBAC permissions to create or...
Contour 代码注入漏洞
Contour is an open-source Kubernetes ingress controller that uses Envoy proxies. Versions of Contour from v1.19.0 to v1.33.4, v1.32.5 before v1.32.5, and v1.31.6 before v1.31.6 had a code injection vulnerability. This vulnerability stemmed from the Cookie rewriting feature, which was vulnerable t...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: scorecard, modelmesh-runtime-adapter, falco-no-driver, k8sgpt-operator, rancher, kargo, secrets-store-csi-driver-provider-azure, cloud-provider-azure, flux-source-controller, falcoctl, step-issuer, gitaly, terraform-provider-time, cortex, flux-notification-controller...
CVE-2026-33186 vulnerabilities
Vulnerabilities for packages: scorecard, percona-server-mongodb-operator, velero-plugin-for-csi, rancher, falcoctl, step-issuer, gitaly, gatus, neuvector-scanner, grafana-image-renderer, terraform-provider-grafana, knative-eventing, prometheus, oauth2-proxy, cilium-envoy,...
GHSA-P77J-4MVH-X3M3 vulnerabilities
Vulnerabilities for packages: scorecard, percona-server-mongodb-operator, velero-plugin-for-csi, rancher, falcoctl, step-issuer, gitaly, gatus, neuvector-scanner, grafana-image-renderer, terraform-provider-grafana, knative-eventing, prometheus, oauth2-proxy, cilium-envoy,...
CVE-2026-33186 vulnerabilities
Vulnerabilities for packages: flyte, kubernetes-csi-external-resizer-fips, crossplane-provider-aws-cloudformation-fips, src, sftpgo-plugin-pubsub, backup-restore-operator-fips, crossplane-provider-aws-backup-fips, boring-registry, cloud-provider-aws, consul-k8s, vault-fips, gitaly, jfrog-cli,...
GHSA-P77J-4MVH-X3M3 vulnerabilities
Vulnerabilities for packages: flyte, kubernetes-csi-external-resizer-fips, crossplane-provider-aws-cloudformation-fips, src, sftpgo-plugin-pubsub, backup-restore-operator-fips, crossplane-provider-aws-backup-fips, boring-registry, cloud-provider-aws, consul-k8s, vault-fips, gitaly, jfrog-cli,...