Lucene search
K

4 matches found

OSV
OSV
added 2026/05/19 7:30 p.m.5 views

GHSA-M23H-6MWM-39M8 Kong Ingress Controller for Kubernetes (KIC): Cross-namespace TLS Secret Exfiltration in Gateways with GatewayClass missing `konghq.com/gatewayclass-unmanaged: 'true'` annotation

Summary A vulnerability in the Kong Ingress Controller KIC allows for the unauthorized exfiltration of TLS certificates and private keys across Kubernetes namespace boundaries. In "managed" mode where the GatewayClass lacks an unmanaged annotation, the Gateway TLS translator skips critical status...

6.9CVSS5.9AI score
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/12/27 12:0 a.m.10 views

CVE-2023-46919

Phlox com.phlox.simpleserver aka Simple HTTP Server 1.8 and com.phlox.simpleserver.plus aka Simple HTTP Server PLUS 1.8.1-plus have a hardcoded aKySWb2jjrr4dzkYXczKRt7K AES encryption key. An attacker with physical access to the application's source code or binary can extract this key & use it...

6.8AI score0.00119EPSS
Exploits1References1
Veracode
Veracode
added 2023/06/26 2:42 a.m.19 views

Information Disclosure

github.com/cilium/cilium is vulnerable to Information Disclosure. The vulnerability exists due to the lack of namespace checks for TLS secret references in the Gateway API, which allows an attacker to gain access to secrets including certificates and services across namespaces and configure Ciliu...

5.3CVSS7AI score0.00305EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2020/03/03 11:40 p.m.23 views

CVE-2020-8664

An access control bypass vulnerability was found in envoy. When the same TLS secret is used across multiple resources, the client's data, such as the subject alternative name or hash, is not validated. This flaw could lead to a possible bypass of security restrictions...

7.3CVSS6.3AI score0.013EPSS
Exploits0References4
Rows per page
Query Builder