8 matches found
Insertion of Sensitive Information Into Sent Data
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the diagnostics endpoint. An attacker can obtain sensitive secret-backed plugin configuration data by accessing this endpoint. Remediation There is no fixed version for...
Insertion of Sensitive Information Into Sent Data
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the diagnostics endpoint. An attacker can obtain sensitive secret-backed plugin configuration data by accessing this endpoint. Remediation Upgrade...
Incomplete Filtering of Special Elements
Overview Affected versions of this package are vulnerable to Incomplete Filtering of Special Elements in the config-snippets feature flag. An attacker can access sensitive environment variables, including the Kubernetes service account token secret, by injecting arbitrary HAProxy directives. Note...
EUVD-2025-33296
HAProxy Kubernetes Ingress Controller before 3.1.13, when the config-snippets feature flag is used, accepts config snippets from users with create/update permissions. This can result in obtaining an ingress token secret as a response. The fixed versions of HAProxy Enterprise Kubernetes Ingress...
CVE-2021-32783
Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy...
Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes Ingress Controller security vulnerabilities (CVE-2023-5043, CVE-2023-5044, CVE-2022-4886)
Summary IBM Cloud Kubernetes Service is affected by Kubernetes Ingress Controller security vulnerabilities where a user that can create or update Ingress objects can use the nginx.ingress.kubernetes.io/configuration-snippet annotation CVE-2023-5043 or the...
CVE-2021-32783 Authorization bypass in Contour
Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy...
What’s New in Wallarm Node 2.10
We have recently released a new version of Wallarm Node. After your next update window, you will see some new features your DevOps team is certain to like. Firstly, your monitoring and reporting got a lot livelier. Starting with this version in addition to JSON format metrics can be exported in...