27 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | 3 views

Astra Linux - vulnerability in haproxy

An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. This issue does not ensure that the scheme and path portions of a URI contain the expected characters. For example, the authority field as observed on a target HTTP/2 server might differ from what the...

7.5 CVSS | 7.1 AI score | 0.00066 EPSS
Exploits: 0 | References: 2
Veracode
added 2026/04/14 7:49 a.m. | 2 views

Authentication Bypass

github.com/kgateway-dev/kgateway is vulnerable to Authentication Bypass. The vulnerability is due to lack of authentication on the xDS port, which allows an attacker with network access to retrieve sensitive configuration data such as certificates, backend services, routing rules, and cluster...

5.3 CVSS | 5.8 AI score | 0.00018 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Tenable Nessus
added 2026/01/20 12:00 a.m. | 5 views

MiracleLinux 8 : NetworkManager-1.40.16-18.el8_10.ML.1 (AXSA:2025-9552:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9552:02 advisory. Security and Bug Fixes: NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-3661 Route to VPN server not stored in routi...

7.6 CVSS | 5.8 AI score | 0.02912 EPSS
Exploits: 1 | References: 2
Tenable Nessus
added 2026/01/13 12:00 a.m. | 3 views

MiracleLinux 9 : NetworkManager-1.48.10-5.el9_5.ML.1 (AXSA:2025-9560:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9560:03 advisory. NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its...

7.6 CVSS | 7.4 AI score | 0.02912 EPSS
Exploits: 1 | References: 2
Snyk
added 2025/11/04 6:39 p.m. | 2 views

Missing Authentication

Overview Affected versions of this package are vulnerable to Missing Authentication in the xDS interface. An attacker can access sensitive configuration data, including certificate information, backend service details, routing rules, and cluster metadata, by connecting to the exposed port without...

6 CVSS | 6.5 AI score | 0.00018 EPSS
Exploits: 0 | References: 2
Snyk
added 2025/11/04 6:39 p.m. | 1 views

Missing Authentication

Overview Affected versions of this package are vulnerable to Missing Authentication in the xDS interface. An attacker can access sensitive configuration data, including certificate information, backend service details, routing rules, and cluster metadata, by connecting to the exposed port without...

6 CVSS | 6.5 AI score | 0.00018 EPSS
Exploits: 0 | References: 2
Github Security Blog
added 2025/11/04 6:39 p.m. | 4 views

kgateway is missing xDS authorization

Summary The xDS interface in Kgateway versions 2.0.0 through 2.0.4 lacks authentication, allowing any client with unrestricted network access to the xDS port to retrieve potentially sensitive configuration data including certificate data, backend service information, routing rules, and cluster...

5.3 CVSS | 6.8 AI score | 0.00018 EPSS
Exploits: 0 | References: 6 | Affected Software: 1
Snyk
added 2025/11/04 6:39 p.m. | 1 views

Missing Authentication

Overview Affected versions of this package are vulnerable to Missing Authentication in the xDS interface. An attacker can access sensitive configuration data, including certificate information, backend service details, routing rules, and cluster metadata, by connecting to the exposed port without...

6 CVSS | 6.5 AI score | 0.00018 EPSS
Exploits: 0 | References: 2
Github Security Blog
added 2025/05/28 2:25 p.m. | 25 views

Traefik allows path traversal using url encoding

Impact There is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a URL encoded string in its path, it’s possible to target ...

9.1 CVSS | 6.2 AI score | 0.00399 EPSS
Exploits: 0 | References: 6 | Affected Software: 3
RedhatCVE
added 2025/05/22 5:30 p.m. | 1 views

CVE-2020-6879

Some ZTE devices have input verification vulnerabilities. The devices support configuring a static prefix through the web management page. The restriction of the front-end code can be bypassed by constructing a POST request message and sending the request to the creation of a static routing rule...

3.5 CVSS | 7.2 AI score | 0.00058 EPSS
Exploits: 0 | References: 1
OSV
added 2025/05/07 7:11 p.m. | 4 views

RLSA-2025:0288 Moderate: Bug fix of NetworkManager

Security and Bug Fixes: NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-3661 Route to VPN server not stored in routing table that is specified by ipv4.route-table JIRA:Rocky Linux-73051 VPN connections do not support ipv4.routing-rules settings JIRA:Rocky...

7.6 CVSS | 7.9 AI score | 0.02912 EPSS
Exploits: 1 | References: 1
Tenable Nessus
added 2025/01/17 12:00 a.m. | 32 views

Oracle Linux 9 : and / bug / fixes / for / NetworkManager (ELSA-2025-0377)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-0377 advisory. 1.48.10-5.0.1 - disable MPTCP handling by default Orabug: 34801142 - add connectivity check via Oracle servers Orabug: 32051972 1:1.48.10-5 - vpn: Support routi...

7.6 CVSS | 7.4 AI score | 0.02912 EPSS
Exploits: 1 | References: 2
OSV
added 2025/01/16 12:00 a.m. | 16 views

ALSA-2025:0377 Moderate: Security and bug fixes for NetworkManager

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

7.6 CVSS | 7.5 AI score | 0.02912 EPSS
Exploits: 1 | References: 3
Oracle linux
added 2025/01/16 12:00 a.m. | 110 views

Security and bug fixes for NetworkManager

1.48.10-5.0.1 - disable MPTCP handling by default Orabug: 34801142 - add connectivity check via Oracle servers Orabug: 32051972 1:1.48.10-5 - vpn: Support routing rules in vpn connections RHEL-73167 - vpn: Place gateway route to table defined in ipvx.route-table RHEL-73166 1:1.48.10-4 - Remove...

7.6 CVSS | 6.7 AI score | 0.02912 EPSS
Exploits: 1
Tenable Nessus
added 2025/01/14 12:00 a.m. | 22 views

RHEL 8 : Bug fix of NetworkManager (Moderate) (RHSA-2025:0288)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0288 advisory. Security and Bug Fixes: NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-3661 Route to VPN server not stored ...

7.6 CVSS | 7.4 AI score | 0.02912 EPSS
Exploits: 1 | References: 5
RedHat Linux
added 2025/01/13 11:42 a.m. | 92 views

Moderate: Red Hat Security Advisory: Bug fix of NetworkManager

Bug fix of NetworkManager Security and Bug Fixes: NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-3661 Route to VPN server not stored in routing table that is specified by ipv4.route-table JIRA:RHEL-73051 VPN connections do not support ipv4.routing-rules...

7.6 CVSS | 7.1 AI score | 0.02912 EPSS
Exploits: 1 | References: 2
OSV
added 2025/01/13 12:00 a.m. | 14 views

ALSA-2025:0288 Moderate: Bug fix of NetworkManager

Security and Bug Fixes: NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-3661 Route to VPN server not stored in routing table that is specified by ipv4.route-table JIRA:AlmaLinux-73051 VPN connections do not support ipv4.routing-rules settings...

7.6 CVSS | 7.4 AI score | 0.02912 EPSS
Exploits: 1 | References: 3
AlmaLinux
added 2025/01/13 12:00 a.m. | 37 views

Moderate: Bug fix of NetworkManager

Security and Bug Fixes: NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-3661 Route to VPN server not stored in routing table that is specified by ipv4.route-table JIRA:AlmaLinux-73051 VPN connections do not support ipv4.routing-rules settings...

7.6 CVSS | 7 AI score | 0.02912 EPSS
Exploits: 1 | References: 3
RedhatCVE
added 2024/05/27 10:33 a.m. | 23 views

CVE-2021-47546

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6_rule_suppress The kernel leaks memory when a fib rule is present in IPv6 nftables firewall rules and a suppress_prefix rule is present in the IPv6 routing rules used by certain tools such as wg-quick. I...

3.1 CVSS | 6.7 AI score | 0.00015 EPSS
Exploits: 0 | References: 4
NVD
added 2024/05/24 3:15 p.m. | 11 views

CVE-2021-47546

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6_rule_suppress The kernel leaks memory when a fib rule is present in IPv6 nftables firewall rules and a suppress_prefix rule is present in the IPv6 routing rules used by certain tools such as wg-quick. I...

5.5 CVSS | 6.6 AI score | 0.00015 EPSS
Exploits: 0 | References: 4