Lucene search
K

5 matches found

SUSE CVE
SUSE CVE
added 2025/12/24 12:24 a.m.5 views

SUSE CVE-2025-67499

The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. Versions 1.6.0 through 1.8.0 inadvertently forward all traffic with the same destination port as the host port when the portmap plugin is configured with the nftables backend, thus...

6.6CVSS6.4AI score0.00121EPSS
Exploits0References3
CVE
CVE
added 2025/12/09 11:13 p.m.25 views

CVE-2025-67499

The CVE-2025-67499 issue affects the CNI portmap plugin (versions 1.6.0–1.8.0) when configured with the nftables backend: it forwards all traffic sharing the host port, ignoring the destination IP, enabling containers requesting HostPort forwarding to intercept traffic not intended for the node. ...

6.6CVSS6.3AI score0.00121EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/12/09 5:18 p.m.2 views

GHSA-JV3W-X3R3-G6RM CNA Plugins Portmap nftables backend can intercept non-local traffic

Background The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. For example, if a host has the IP 198.51.100.42, a container may request that all packets to 198.51.100.42:53 be forwarded to the container's network. Vulnerability When t...

6.6CVSS6.7AI score0.00121EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2025/12/09 5:18 p.m.10 views

CNA Plugins Portmap nftables backend can intercept non-local traffic

Background The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. For example, if a host has the IP 198.51.100.42, a container may request that all packets to 198.51.100.42:53 be forwarded to the container's network. Vulnerability When t...

6.6CVSS6.8AI score0.00121EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2021/11/12 12:0 a.m.8 views

PT-2021-7849 · Podman +7 · Podman +7

Name of the Vulnerable Software and Affected Versions: podman affected versions not specified Description: A flaw was found in podman. The podman machine function spawns a gvproxy process on the host system. The gvproxy API is accessible on port 7777 on all IP addresses on the host. If that port ...

7.5CVSS7AI score0.06975EPSS
Exploits10References183
Rows per page
Query Builder