324 matches found
Security Bulletin: Nomad vulnerable to cross-namespace host volume claim deletion
Summary HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature that may allow an operator holding the host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace...
CVE-2026-14896
HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature that may allow an operator holding the host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace. This...
CVE-2026-14896
HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature, potentially allowing an operator with host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace. Root cau...
EUVD-2026-42392
HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature that may allow an operator holding the host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace. This...
CVE-2026-14896 Nomad vulnerable to cross-namespace host volume claim deletion
HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature that may allow an operator holding the host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace. This...
Nomad vulnerable to cross-namespace host volume claim deletion
Summary HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature that may allow an operator holding the host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace...
CVE-2026-53935
Summary: CVE-2026-53935 affects Cilium versions prior to 1.17.16, 1.18.2–1.18.9, and 1.19.0–1.19.3. An attacker who can create a CiliumLocalRedirectPolicy may specify arbitrary ClusterIPs via addressMatcher, enabling cross-namespace traffic hijacking to Services and bypassing serviceMatcher names...
CVE-2026-53935
Cilium is a networking, observability, and security solution. Prior to 1.17.16, from 1.18.2 to 1.18.9, and from 1.19.0 to 1.19.3, users with the ability to create CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs via addressMatcher, enabling hijacking traffic to Services in any namespa...
CVE-2026-53935 CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation
Cilium is a networking, observability, and security solution. Prior to 1.17.16, from 1.18.2 to 1.18.9, and from 1.19.0 to 1.19.3, users with the ability to create CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs via addressMatcher, enabling hijacking traffic to Services in any namespa...
CVE-2026-53935 CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation
Cilium is a networking, observability, and security solution. Prior to 1.17.16, from 1.18.2 to 1.18.9, and from 1.19.0 to 1.19.3, users with the ability to create CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs via addressMatcher, enabling hijacking traffic to Services in any namespa...
GO-2026-5914 CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation in github.com/cilium/cilium
CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation in github.com/cilium/cilium...
CVE-2026-54765
Traefik is an open source HTTP reverse proxy and load balancer. From v3.7.0 prior to v3.7.6, Traefik's Kubernetes Gateway API provider may resolve two accepted HTTPRoutes that target the same backend Service:port but configure different backendRef filters to the same child service and apply only...
CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation
Impact Users with the ability to create CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs via addressMatcher, which enables hijacking traffic to Services in any namespace, bypassing the namespace-scoping guarantees enforced by serviceMatcher. In addition, deleting such a policy can...
CVE-2026-54765
Traefik is an open source HTTP reverse proxy and load balancer. From v3.7.0 prior to v3.7.6, Traefik's Kubernetes Gateway API provider may resolve two accepted HTTPRoutes that target the same backend Service:port but configure different backendRef filters to the same child service and apply only...
CVE-2026-54765
CVE-2026-54765 affects Traefik v3.7.0 through v3.7.5, fixed in v3.7.6. In the Kubernetes Gateway API provider, two accepted HTTPRoutes targeting the same backend Service:port can have different backendRef filters, with only one route’s filter set applied to all requests. This can allow a route’s ...
CVE-2026-54765 Traefik: Gateway HTTPRoute backendRef filters can leak backend context across routes sharing a Service:port
Traefik is an open source HTTP reverse proxy and load balancer. From v3.7.0 prior to v3.7.6, Traefik's Kubernetes Gateway API provider may resolve two accepted HTTPRoutes that target the same backend Service:port but configure different backendRef filters to the same child service and apply only...
PT-2026-56012
Name of the Vulnerable Software and Affected Versions Traefik versions 3.7.0 through 3.7.5 Description Traefik's Kubernetes Gateway API provider may incorrectly resolve two accepted HTTPRoutes that target the same backend Service:port but use different backendRef filters for the same child servic...
CVE-2026-44935 Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer
Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants...
GHSA-XR65-5CPM-G36X Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer
Impact A vulnerability in Fleet for Rancher Manager affects multi-tenancy environments where different tenants share the same downstream clusters e.g., different privileged or untrusted teams inside the same organization. On unpatched versions, tenants could bypass restrictions to access any conf...
Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer
Impact A vulnerability in Fleet for Rancher Manager affects multi-tenancy environments where different tenants share the same downstream clusters e.g., different privileged or untrusted teams inside the same organization. On unpatched versions, tenants could bypass restrictions to access any conf...