Tigera Calico 输入验证错误漏洞

Tigera Calico is an open source network security solution for container, virtual machine and host workloads from US-based Tigera. A security vulnerability exists in Tigera Calico version 3.22.1 and earlier, and Calico Enterprise version 3.12.0 and earlier, which stems from vulnerability to route...

CVE-2022-28224

Clusters using Calico version 3.22.1 and below, Calico Enterprise version 3.12.0 and below, may be vulnerable to route hijacking with the floating IP feature. Due to insufficient validation, a privileged attacker may be able to set a floating IP annotation to a pod even if the feature is not...