14 matches found
PT-2026-29932
Traefik has Knative Ingress Rule Injection that Allows Host Restriction Bypass in github.com/traefik/traefik...
SUSE CVE-2026-32695
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules by interpolating user-controlled values into backtick-delimited rule expressions without escaping. In live cluster validation, Knative rules.hosts was...
CVE-2026-32695
A flaw was found in Traefik, an HTTP reverse proxy and load balancer. When using the Knative provider, Traefik incorrectly interpolates user-controlled values into router rule expressions without proper escaping. This vulnerability allows an attacker to inject malicious rule syntax, leading to a...
EUVD-2026-16606
Traefik has Knative Ingress Rule Injection that Allows Host Restriction Bypass...
GHSA-67JX-R9PV-98RJ Traefik has Knative Ingress Rule Injection that Allows Host Restriction Bypass
Summary There is a potential vulnerability in Traefik's Kubernetes Knative, Ingress, and Ingress-NGINX providers related to rule injection. User-controlled values are interpolated into backtick-delimited Traefik router rule expressions without escaping or validation. A malicious value containing ...
CVE-2026-32695
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules by interpolating user-controlled values into backtick-delimited rule expressions without escaping. In live cluster validation, Knative rules.hosts was...
PT-2026-28442
Name of the Vulnerable Software and Affected Versions Traefik versions prior to 3.6.11 and 3.7.0-ea.2 Description Traefik’s Knative provider constructs router rules by incorporating user-provided values into rule expressions without proper sanitization. Specifically, the rules.hosts field in...
Linux Distros Unpatched Vulnerability : CVE-2023-28628
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 authority- regex allows an attacker to send malicious URLs to be...
USN-7604-1 sudo vulnerabilities
Rich Mirch discovered that Sudo incorrectly handled the host option. In environments where per-host rules are configured in the sudoers file, a local attacker could use this issue to bypass the host restrictions. CVE-2025-32462 Rich Mirch discovered that Sudo incorrectly handled the chroot option...
PT-2024-40188 · Silverstripe · Silverstripe
Name of the Vulnerable Software and Affected Versions: SilverStripe affected versions not specified Description: The issue allows spoofing of HTTP headers, which can lead to various security problems, including bypassing IP restrictions and SSL enforcement. This is due to SilverStripe trusting...
CVE-2023-28628
lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 authority-regex allows an attacker to send malicious URLs to be parsed by the lambdaisland/uri and return the wrong authority. This issue is similar to but distinct from CVE-2020-8910. The regex in questio...
UBUNTU-CVE-2023-28628
lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 authority-regex allows an attacker to send malicious URLs to be parsed by the lambdaisland/uri and return the wrong authority. This issue is similar to but distinct from CVE-2020-8910. The regex in questio...
Design/Logic Flaw
lambdaisland/uri is a pure Clojure/ClojureScript URI library. In versions prior to 1.14.120 authority-regex allows an attacker to send malicious URLs to be parsed by the lambdaisland/uri and return the wrong authority. This issue is similar to but distinct from CVE-2020-8910. The regex in questio...
USN-2210-1 cups-filters vulnerability
Sebastian Krahmer discovered that cups-browsed incorrectly filtered remote printer names and strings. A remote attacker could use this issue to possibly execute arbitrary commands. CVE-2014-2707 Johannes Meixner discovered that cups-browsed ignored invalid BrowseAllow directives. This could cause...