99 matches found
CVE-2026-32695
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules by interpolating user-controlled values into backtick-delimited rule expressions without escaping. In live cluster validation, Knative rules.hosts was...
CVE-2026-32695 Traefik has Knative Ingress Rule Injection that Allows Host Restriction Bypass
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules by interpolating user-controlled values into backtick-delimited rule expressions without escaping. In live cluster validation, Knative rules.hosts was...
CVE-2026-32695
Summary: CVE-2026-32695 affects Traefik with Knative provider. Prior to versions 3.6.11 and 3.7.0-ea.2, routers were built by interpolating user-controlled values into backtick-delimited rule expressions without escaping, enabling rule-syntax injection and host/header manipulation. In live multi-...
GHSA-W9FJ-CFPG-GRVV vulnerabilities
Vulnerabilities for packages: camunda, wildfly, wavefront-proxy, akhq, kafbat-ui, localstack, kayenta, kafka-bridge, flyway-fips, knative-kafka-broker-fips, keycloak-fips, opensearch, spark, knative-kafka-broker, kserve-modelmesh, pinot, elasticsearch, camunda-zeebe, pinot-fips,...
CVE-2026-33871 vulnerabilities
Vulnerabilities for packages: camunda, wildfly, wavefront-proxy, akhq, kafbat-ui, localstack, kayenta, kafka-bridge, flyway-fips, knative-kafka-broker-fips, keycloak-fips, opensearch, spark, knative-kafka-broker, kserve-modelmesh, pinot, elasticsearch, camunda-zeebe, pinot-fips,...
GHSA-PWQR-WMGM-9RR8 vulnerabilities
Vulnerabilities for packages: camunda, wildfly, wavefront-proxy, akhq, kafbat-ui, localstack, kayenta, kafka-bridge, flyway-fips, knative-kafka-broker-fips, keycloak-fips, neo4j, opensearch, spark, knative-kafka-broker, kserve-modelmesh, pinot, elasticsearch, camunda-zeebe, pinot-fips,...
CVE-2026-33870 vulnerabilities
Vulnerabilities for packages: camunda, wildfly, wavefront-proxy, akhq, kafbat-ui, localstack, kayenta, kafka-bridge, flyway-fips, knative-kafka-broker-fips, keycloak-fips, neo4j, opensearch, spark, knative-kafka-broker, kserve-modelmesh, pinot, elasticsearch, camunda-zeebe, pinot-fips,...
Traefik 注入漏洞
Traefik is an open-source reverse proxy and load balancing tool developed by Traefik. Versions prior to Traefik 3.6.11 and 3.7.0-ea.2 contained a vulnerability related to injection attacks. This vulnerability stemmed from Knative-enabled programs that inserted user-controlled values into rule...
PT-2026-28442
Name of the Vulnerable Software and Affected Versions Traefik versions prior to 3.6.11 and 3.7.0-ea.2 Description Traefik’s Knative provider constructs router rules by incorporating user-provided values into rule expressions without proper sanitization. Specifically, the rules.hosts field in...
CVE-2021-0341 vulnerabilities
Vulnerabilities for packages: knative-kafka-broker, s3proxy, s3proxy-fips...
GHSA-3CQM-MF7H-PRRJ vulnerabilities
Vulnerabilities for packages: knative-kafka-broker, s3proxy, s3proxy-fips...
GHSA-5MH9-3JWC-RP59 vulnerabilities
Vulnerabilities for packages: kubeflow-katib, cert-manager-csi-driver-fips, gitlab-kas-fips, cfssl-fips, kubeflow-pipelines, redis-operator-fips, oauth2-proxy, cue-fips, pgtimetable, kube-logging-operator-custom-runner-fips, spire-controller-manager, sonobuoy, gitlab-pages-fips, rook-fips,...
CVE-2025-61729 vulnerabilities
Vulnerabilities for packages: harbor-scanner-trivy-fips, k8s-agents-operator-fips, stern, rekor, nodetaint, kubeflow-katib, cert-manager-csi-driver-fips, gitlab-kas-fips, cfssl-fips, percona-server-mongodb-operator, docker-credential-acr-env, kaf, kubernetes-dashboard-api, jaeger-operator-fips,...
GHSA-7C64-F9JR-V9H2 vulnerabilities
Vulnerabilities for packages: harbor-scanner-trivy-fips, k8s-agents-operator-fips, stern, rekor, nodetaint, kubeflow-katib, cert-manager-csi-driver-fips, gitlab-kas-fips, cfssl-fips, percona-server-mongodb-operator, docker-credential-acr-env, kaf, kubernetes-dashboard-api, jaeger-operator-fips,...
EUVD-2023-3019
Malicious code in bioql PyPI...
GHSA-8PJC-487G-W6P2 vulnerabilities
Vulnerabilities for packages: cerbos, ratify, rancher-system-agent, nodetaint, kubeflow-katib, aws-application-networking-k8s, cluster-api-provider-vsphere, kind, kubernetes-csi-external-health-monitor, tekton-chains, kubernetes-dashboard-auth, ip-masq-agent, kubernetes-dashboard-api, tkn,...
CVE-2025-47906 vulnerabilities
Vulnerabilities for packages: docker-credential-ecr-login, custom-pod-autoscaler-operator, container-object-storage-interface, secrets-store-csi-driver-provider-aws, shfmt, gitsign, knative-eventing, kube-logging-operator-custom-runner-fips, cloud-provider-aws, newrelic-fluent-bit-output,...
GHSA-GWRF-JF3H-W649 vulnerabilities
Vulnerabilities for packages: docker-credential-ecr-login, custom-pod-autoscaler-operator, container-object-storage-interface, secrets-store-csi-driver-provider-aws, shfmt, gitsign, knative-eventing, kube-logging-operator-custom-runner-fips, cloud-provider-aws, newrelic-fluent-bit-output,...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: harbor-scanner-trivy-fips, trust-manager, cluster-api-gcp-controller, kaniko, logstash-exporter, kubeflow-katib, rekor, cert-manager-csi-driver-fips, yunikorn-web, gitlab-kas-fips, cfssl-fips, kaf, kubernetes-dashboard-api, jaeger-operator-fips, aws-flb-cloudwatch,...
GO-2023-2355 Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler in knative.dev/serving
Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler in knative.dev/serving...