6 matches found
CVE-2026-11815 Insecure Deserialization via MITM in Layer 7 Policy Manager
An attacker who intercepts and tampers with traffic between the client application and the API Gateway server could potentially deserialize arbitrary objects. This vulnerability could lead to broken security expectations or remote code execution...
CVE-2026-11815
CVE-2026-11815 describes insecure deserialization via MITM between a client application and an API Gateway server, potentially allowing deserialization of arbitrary objects and leading to broken security expectations or remote code execution. The vulnerability is associated with the Layer 7 Polic...
CVE-2026-11815 Insecure Deserialization via MITM in Layer 7 Policy Manager
An attacker who intercepts and tampers with traffic between the client application and the API Gateway server could potentially deserialize arbitrary objects. This vulnerability could lead to broken security expectations or remote code execution...
CVE-2024-52529
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For users with the following configuration: 1. An allow policy that selects a Layer 3 destination and a port range AND 2. A Layer 7 allow policy that selects a specific port within the first policy's range...
Cilium 安全漏洞
Cilium is an open source software from Cilium Open Source. It is used to provide and transparently protect network connectivity and load balancing between application workloads such as application containers or processes. A security vulnerability exists in Cilium that stems from the fact that in...
PT-2024-35358 · Cilium · Cilium
Name of the Vulnerable Software and Affected Versions: Cilium versions 1.16.0 through 1.16.3 Description: The issue arises when there is a Layer 3 policy with a port range and a Layer 7 policy with a port within the first policy's range. In such cases, the Layer 7 policy enforcement would not occ...