Lucene search

143 matches found

CVE
added 2023/02/03 12:0 a.m. | 507 views

CVE-2022-31733

The CVE-2022-31733 issue affects Cloud Foundry’s CF Diego cells and CF Deployment, where starting with diego-release 2.55.0–2.69.0 and CF Deployment 17.1–23.2.0, apps are reachable via an additional port on diego cells, enabling ingress without a client certificate when mTLS route integrity is en...

CVSS 9.1 | AI score 9 | EPSS 0.00378
Exploits: 0 | References: 1 | Affected Software: 2
Cloud Foundry
added 2022/12/12 12:0 a.m. | 23 views

CVE-2022-31733: Unsecured Application Port | Cloud Foundry

High. Vendor: Cloud Foundry Foundation. Description: Apps running on cf-deployment are accessible unproxied via a programmatically-generated port on diego cells. The route integrity with mTLS feature rep.containers.proxy.requireandverifyclientcertificates, exposes an additional port that requires a...

CVSS 9.1 | AI score 9.1 | EPSS 0.00378
Exploits: 0
Veracode
added 2022/12/11 5:0 a.m. | 22 views

Improper Certificate Validation

github.com/traefik/traefik is vulnerable to improper certificate validation. A route secured using the mTLS connection is exposed to remote attackers due to improper client certificate verification when the TLSOption is empty...

CVSS 8.1 | AI score 6.3 | EPSS 0.00488
Exploits: 0 | References: 6 | Affected Software: 2
Tenable Nessus
added 2022/12/11 12:0 a.m. | 32 views

FreeBSD : traefik -- multiple vulnerabilities (508da89c-78b9-11ed-854f-5404a68ad561)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 508da89c-78b9-11ed-854f-5404a68ad561 advisory. - Traefik is an open source HTTP reverse proxy and load balancer. Versions prior to 2.9.6 are...

CVSS 8.1 | AI score 6.8 | EPSS 0.00977
Exploits: 1 | References: 4
Prion
added 2022/12/08 10:15 p.m. | 25 views

Design/Logic Flaw

Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS...

CVSS 4 | AI score 6.5 | EPSS 0.00488
Exploits: 0 | References: 4 | Affected Software: 1
Cvelist
added 2022/12/08 9:46 p.m. | 29 views

CVE-2022-46153 Routes exposed with an empty TLSOption in traefik

Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS...

CVSS 8.1 | AI score 8.2 | EPSS 0.00488
Exploits: 0 | References: 4
CVE
added 2022/12/08 9:46 p.m. | 117 views

CVE-2022-46153

Traefik (open source HTTP reverse proxy/load balancer) prior to version 2.9.6 is affected by CVE-2022-46153: a router configured with a not well-formatted TLSOption can be exposed with an empty TLSOption, potentially enabling routes secured with mTLS to operate without proper client-certificate v...

CVSS 8.1 | AI score 7 | EPSS 0.00488
Exploits: 0 | References: 4 | Affected Software: 1
AlpineLinux
added 2022/12/08 9:46 p.m. | 47 views

CVE-2022-46153

Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS...

CVSS 8.1 | AI score 7.1 | EPSS 0.00488
Exploits: 0
OSV
added 2022/12/08 9:46 p.m. | 23 views

CVE-2022-46153 Routes exposed with an empty TLSOption in traefik

Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS...

CVSS 8.1 | AI score 6.5 | EPSS 0.00488
Exploits: 0 | References: 6
Github Security Blog
added 2022/12/08 4:11 p.m. | 45 views

Traefik routes exposed with an empty TLSOption

Impact: There is a potential vulnerability in Traefik managing the TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS connection set with a wrong CA file is exposed without verifying the client...

CVSS 8.1 | AI score 6.2 | EPSS 0.00488
Exploits: 0 | References: 6 | Affected Software: 1
OSV
added 2022/12/08 4:11 p.m. | 25 views

GHSA-468W-8X39-GJ5V Traefik routes exposed with an empty TLSOption

Impact: There is a potential vulnerability in Traefik managing the TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS connection set with a wrong CA file is exposed without verifying the client...

CVSS 6.5 | AI score 6.9 | EPSS 0.00488
Exploits: 0 | References: 6
NVD
added 2022/08/01 8:15 p.m. | 20 views

CVE-2022-31183

fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode TLSSocket using fs2-io on Node.js, the parameter requestCert = true is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to: 1. fs2-io running on...

CVSS 9.8 | EPSS 0.00629
Exploits: 1 | References: 3
Prion
added 2022/08/01 8:15 p.m. | 20 views

Design/Logic Flaw

fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode TLSSocket using fs2-io on Node.js, the parameter requestCert = true is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to: 1. fs2-io running on...

CVSS 7.5 | AI score 9.3 | EPSS 0.00629
Exploits: 1 | References: 3 | Affected Software: 1
Cvelist
added 2022/08/01 7:50 p.m. | 22 views

CVE-2022-31183 mTLS client verification is skipped in fs2 on Node.js

fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode TLSSocket using fs2-io on Node.js, the parameter requestCert = true is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to: 1. fs2-io running on...

CVSS 9.1 | AI score 9.6 | EPSS 0.00629
Exploits: 1 | References: 3
Vulnrichment
added 2022/08/01 7:50 p.m. | 3 views

CVE-2022-31183 mTLS client verification is skipped in fs2 on Node.js

fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode TLSSocket using fs2-io on Node.js, the parameter requestCert = true is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to: 1. fs2-io running on...

CVSS 9.1 | AI score 9.6 | EPSS 0.00629
Exploits: 1 | References: 3
CVE
added 2022/08/01 7:50 p.m. | 83 views

CVE-2022-31183

The CVE-2022-31183 issue affects fs2-io running on Node.js, where server-mode TLSSocket with requestCert = true incorrectly ignores the setting and skips peer certificate verification. Root cause: the Node.js implementation of fs2-io mishandled mTLS, while the JVM TLS path is unaffected. Impact: ...

CVSS 9.8 | AI score 9.3 | EPSS 0.00629
Exploits: 1 | References: 3 | Affected Software: 1
OSV
added 2022/08/01 7:50 p.m. | 19 views

CVE-2022-31183 mTLS client verification is skipped in fs2 on Node.js

fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode TLSSocket using fs2-io on Node.js, the parameter requestCert = true is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to: 1. fs2-io running on...

CVSS 9.1 | AI score 9 | EPSS 0.00629
Exploits: 1 | References: 5
GitLab Advisory Database
added 2022/08/01 12:0 a.m. | 28 views

Improper Certificate Validation

fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode TLSSocket using fs2-io on Node.js, the parameter requestCert = true is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to: 1. fs2-io running on...

CVSS 9.8 | AI score 3.2 | EPSS 0.00629
Exploits: 1 | References: 4 | Affected Software: 1
GitLab Advisory Database
added 2022/08/01 12:0 a.m. | 40 views

Improper Certificate Validation

fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode TLSSocket using fs2-io on Node.js, the parameter requestCert = true is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to: 1. fs2-io running on...

CVSS 9.8 | AI score 3.2 | EPSS 0.00629
Exploits: 1 | References: 4 | Affected Software: 1
GitLab Advisory Database
added 2022/08/01 12:0 a.m. | 22 views

Improper Certificate Validation

fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode TLSSocket using fs2-io on Node.js, the parameter requestCert = true is ignored, peer certificate verification is skipped, and the connection proceeds. The vulnerability is limited to: 1. fs2-io running on...

CVSS 9.8 | AI score 3.2 | EPSS 0.00629
Exploits: 1 | References: 4 | Affected Software: 1