10 matches found
CVE-2026-46260
A flaw was found in the Linux kernel's IPv6 networking subsystem. This vulnerability, an out-of-bound read, occurs during the creation of an IPv6 route with specific parameters. A local attacker could exploit this flaw to cause memory corruption, potentially leading to system instability or a...
EUVD-2025-208134
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//) prefix in the gateway_path. A malicious or socially engineered administrator can configure a...
CVE-2025-9909 Aap-gateway: improper path validation in gateway allows credential exfiltration
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//) prefix in the gateway_path. A malicious or socially engineered administrator can configure a...
CVE-2025-9909
The CVE-2025-9909 issue affects Red Hat Ansible Automation Platform Gateway route creation: improper gateway_path handling allows an attacker with admin privileges to create misleading routes (double-slash prefix) to intercept credentials, potentially enabling persistent backdoors. It is describe...
Skipper code issue vulnerabilities
Skipper is an open-source HTTP router and reverse proxy developed by Zalando SE for service combinations. Versions of Skipper prior to 0.24.0 had code vulnerabilities due to improper permission configuration, which could allow users to create routes to access internal services...
aap-gateway: Improper Path Validation in Gateway Allows Credential Exfiltration
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//) prefix in the gateway_path. A malicious or socially engineered administrator can configure a...
CVE-2022-25508
An access control issue in the component /ManageRoute/postRoute of FreeTAKServer v1.9.8 allows unauthenticated attackers to cause a Denial of Service (DoS) via an unusually large amount of created routes, or create unsafe or false routes for legitimate users...
PT-2022-17338 · Unknown · Freetakserver
Name of the Vulnerable Software and Affected Versions: FreeTAKServer versions 1.9.8 through 1.9.8.4. Description: An access control issue in the component /ManageRoute/postRoute of FreeTAKServer allows unauthenticated attackers to cause a Denial of Service (DoS) via an unusually large amount of...
PT-2018-5038 · Red Hat · Openshift Enterprise
Name of the Vulnerable Software and Affected Versions: OpenShift Enterprise 3 (affected versions not specified). Description: The issue arises from the OpenShift Enterprise 3 router's failure to properly sort routes when processing new additions. This allows an attacker with route creation access to...
Important: Red Hat Bug Fix Advisory: OpenShift Container Platform 3.6.1 bug fix and enhancement update
Red Hat OpenShift Container Platform releases 3.6.1 are now available with updates to packages and images that fix several bugs and add various enhancements. Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or privat...