4 matches found
GO-2025-4222 CNA Plugins Portmap nftables backend can intercept non-local traffic in github.com/containernetworking/plugins
CNA Plugins Portmap nftables backend can intercept non-local traffic in github.com/containernetworking/plugins...
CVE-2025-67499 CNI Plugins Portmap nftables backend intercepts non-local traffic
The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. Versions 1.6.0 through 1.8.0 inadvertently forward all traffic with the same destination port as the host port when the portmap plugin is configured with the nftables backend, thus...
EUVD-2025-202173
CNA Plugins Portmap nftables backend can intercept non-local traffic...
CNA Plugins Portmap nftables backend can intercept non-local traffic
Background The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. For example, if a host has the IP 198.51.100.42, a container may request that all packets to 198.51.100.42:53 be forwarded to the container's network. Vulnerability When t...