Lucene search
K

99 matches found

AlpineLinux
AlpineLinux
added 2026/03/27 1:47 p.m.3 views

CVE-2026-32695

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules by interpolating user-controlled values into backtick-delimited rule expressions without escaping. In live cluster validation, Knative rules.hosts was...

7.7CVSS5.9AI score0.00463EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/27 1:47 p.m.3 views

CVE-2026-32695 Traefik has Knative Ingress Rule Injection that Allows Host Restriction Bypass

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules by interpolating user-controlled values into backtick-delimited rule expressions without escaping. In live cluster validation, Knative rules.hosts was...

6.3CVSS5.9AI score0.00463EPSS
Exploits1References3
CVE
CVE
added 2026/03/27 1:47 p.m.21 views

CVE-2026-32695

Summary: CVE-2026-32695 affects Traefik with Knative provider. Prior to versions 3.6.11 and 3.7.0-ea.2, routers were built by interpolating user-controlled values into backtick-delimited rule expressions without escaping, enabling rule-syntax injection and host/header manipulation. In live multi-...

7.7CVSS5.9AI score0.00463EPSS
Exploits1References7Affected Software1
Chainguard
Chainguard
added 2026/03/27 1:18 p.m.4 views

GHSA-W9FJ-CFPG-GRVV vulnerabilities

Vulnerabilities for packages: camunda, wildfly, wavefront-proxy, akhq, kafbat-ui, localstack, kayenta, kafka-bridge, flyway-fips, knative-kafka-broker-fips, keycloak-fips, opensearch, spark, knative-kafka-broker, kserve-modelmesh, pinot, elasticsearch, camunda-zeebe, pinot-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/03/27 1:18 p.m.14 views

CVE-2026-33871 vulnerabilities

Vulnerabilities for packages: camunda, wildfly, wavefront-proxy, akhq, kafbat-ui, localstack, kayenta, kafka-bridge, flyway-fips, knative-kafka-broker-fips, keycloak-fips, opensearch, spark, knative-kafka-broker, kserve-modelmesh, pinot, elasticsearch, camunda-zeebe, pinot-fips,...

8.7CVSS6.8AI score0.01125EPSS
Exploits0
Chainguard
Chainguard
added 2026/03/27 7:17 a.m.4 views

GHSA-PWQR-WMGM-9RR8 vulnerabilities

Vulnerabilities for packages: camunda, wildfly, wavefront-proxy, akhq, kafbat-ui, localstack, kayenta, kafka-bridge, flyway-fips, knative-kafka-broker-fips, keycloak-fips, neo4j, opensearch, spark, knative-kafka-broker, kserve-modelmesh, pinot, elasticsearch, camunda-zeebe, pinot-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/03/27 7:17 a.m.11 views

CVE-2026-33870 vulnerabilities

Vulnerabilities for packages: camunda, wildfly, wavefront-proxy, akhq, kafbat-ui, localstack, kayenta, kafka-bridge, flyway-fips, knative-kafka-broker-fips, keycloak-fips, neo4j, opensearch, spark, knative-kafka-broker, kserve-modelmesh, pinot, elasticsearch, camunda-zeebe, pinot-fips,...

7.5CVSS6.7AI score0.0064EPSS
Exploits1
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.9 views

Traefik 注入漏洞

Traefik is an open-source reverse proxy and load balancing tool developed by Traefik. Versions prior to Traefik 3.6.11 and 3.7.0-ea.2 contained a vulnerability related to injection attacks. This vulnerability stemmed from Knative-enabled programs that inserted user-controlled values into rule...

7.7CVSS5.8AI score0.00463EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.6 views

PT-2026-28442

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 3.6.11 and 3.7.0-ea.2 Description Traefik’s Knative provider constructs router rules by incorporating user-provided values into rule expressions without proper sanitization. Specifically, the rules.hosts field in...

7.7CVSS5.9AI score0.00494EPSS
Exploits1References50
Chainguard
Chainguard
added 2026/03/11 1:17 p.m.23 views

CVE-2021-0341 vulnerabilities

Vulnerabilities for packages: knative-kafka-broker, s3proxy, s3proxy-fips...

7.5CVSS6.7AI score0.00877EPSS
Exploits0
Chainguard
Chainguard
added 2026/03/11 1:17 p.m.2 views

GHSA-3CQM-MF7H-PRRJ vulnerabilities

Vulnerabilities for packages: knative-kafka-broker, s3proxy, s3proxy-fips...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/12/07 7:17 p.m.6 views

GHSA-5MH9-3JWC-RP59 vulnerabilities

Vulnerabilities for packages: kubeflow-katib, cert-manager-csi-driver-fips, gitlab-kas-fips, cfssl-fips, kubeflow-pipelines, redis-operator-fips, oauth2-proxy, cue-fips, pgtimetable, kube-logging-operator-custom-runner-fips, spire-controller-manager, sonobuoy, gitlab-pages-fips, rook-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/12/05 1:28 a.m.12 views

CVE-2025-61729 vulnerabilities

Vulnerabilities for packages: harbor-scanner-trivy-fips, k8s-agents-operator-fips, stern, rekor, nodetaint, kubeflow-katib, cert-manager-csi-driver-fips, gitlab-kas-fips, cfssl-fips, percona-server-mongodb-operator, docker-credential-acr-env, kaf, kubernetes-dashboard-api, jaeger-operator-fips,...

7.5CVSS7AI score0.00459EPSS
Exploits2
Chainguard
Chainguard
added 2025/12/05 1:28 a.m.9 views

GHSA-7C64-F9JR-V9H2 vulnerabilities

Vulnerabilities for packages: harbor-scanner-trivy-fips, k8s-agents-operator-fips, stern, rekor, nodetaint, kubeflow-katib, cert-manager-csi-driver-fips, gitlab-kas-fips, cfssl-fips, percona-server-mongodb-operator, docker-credential-acr-env, kaf, kubernetes-dashboard-api, jaeger-operator-fips,...

6.1AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-3019

Malicious code in bioql PyPI...

6.5CVSS6.2AI score0.00867EPSS
Exploits0References6
Chainguard
Chainguard
added 2025/09/24 2:18 p.m.9 views

GHSA-8PJC-487G-W6P2 vulnerabilities

Vulnerabilities for packages: cerbos, ratify, rancher-system-agent, nodetaint, kubeflow-katib, aws-application-networking-k8s, cluster-api-provider-vsphere, kind, kubernetes-csi-external-health-monitor, tekton-chains, kubernetes-dashboard-auth, ip-masq-agent, kubernetes-dashboard-api, tkn,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/09/20 1:30 p.m.6 views

CVE-2025-47906 vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, custom-pod-autoscaler-operator, container-object-storage-interface, secrets-store-csi-driver-provider-aws, shfmt, gitsign, knative-eventing, kube-logging-operator-custom-runner-fips, cloud-provider-aws, newrelic-fluent-bit-output,...

6.5CVSS6.6AI score0.00489EPSS
Exploits1
Chainguard
Chainguard
added 2025/09/20 1:30 p.m.6 views

GHSA-GWRF-JF3H-W649 vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, custom-pod-autoscaler-operator, container-object-storage-interface, secrets-store-csi-driver-provider-aws, shfmt, gitsign, knative-eventing, kube-logging-operator-custom-runner-fips, cloud-provider-aws, newrelic-fluent-bit-output,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2025/08/09 1:17 p.m.9 views

GHSA-J5PM-7495-QMR3 vulnerabilities

Vulnerabilities for packages: harbor-scanner-trivy-fips, trust-manager, cluster-api-gcp-controller, kaniko, logstash-exporter, kubeflow-katib, rekor, cert-manager-csi-driver-fips, yunikorn-web, gitlab-kas-fips, cfssl-fips, kaf, kubernetes-dashboard-api, jaeger-operator-fips, aws-flb-cloudwatch,...

6.1AI score
Exploits0
OSV
OSV
added 2024/08/21 2:30 p.m.10 views

GO-2023-2355 Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler in knative.dev/serving

Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler in knative.dev/serving...

6.5CVSS5.7AI score0.00867EPSS
Exploits0References5
Rows per page
Query Builder