10 matches found
EUVD-2021-22991
Malware in sbrugna...
CVE-2021-36371
Emissary-Ingress formerly Ambassador API Gateway through 1.13.9 allows attackers to bypass client certificate requirements i.e., mTLS certrequired on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate...
Emissary-Ingress Trust Management Issues Vulnerability
Emissary-Ingress is an open source, Kubernetes-native API gateway for microservices built with Envoy agents. Emissary-Ingress suffers from a trust management issue vulnerability that can be exploited by an attacker to bypass client certificate requirements on the back-end upstream...
CVE-2021-36371
Emissary-Ingress formerly Ambassador API Gateway through 1.13.9 allows attackers to bypass client certificate requirements i.e., mTLS certrequired on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate...
CVE-2021-36371
Emissary-Ingress formerly Ambassador API Gateway through 1.13.9 allows attackers to bypass client certificate requirements i.e., mTLS certrequired on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate...
Design/Logic Flaw
Emissary-Ingress formerly Ambassador API Gateway through 1.13.9 allows attackers to bypass client certificate requirements i.e., mTLS certrequired on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate...
CVE-2021-36371
Emissary-Ingress formerly Ambassador API Gateway through 1.13.9 allows attackers to bypass client certificate requirements i.e., mTLS certrequired on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate...
CVE-2021-36371
CVE-2021-36371 is reported for Emissary-Ingress (formerly Ambassador API Gateway). The vulnerability allows bypassing client certificate requirements (mTLS cert_required) on backend upstreams when more than one TLSContext exists and any configuration does not require client cert authentication. T...
CVE-2021-36371
Emissary-Ingress formerly Ambassador API Gateway through 1.13.9 allows attackers to bypass client certificate requirements i.e., mTLS certrequired on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate...
Emissary-Ingress 信任管理问题漏洞
Emissary-Ingress is an open source, Kubernetes-native API gateway for microservices built with Envoy agents. Emissary-Ingress suffers from a trust management issue vulnerability that can be exploited by an attacker to bypass client certificate requirements on the back-end upstream...