2 matches found
CVE-2020-10749
The CVE-2020-10749 entry affects containernetworking/plugins versions before 0.8.6, due to improper validation of IPv6 router advertisements that enables man-in-the-middle (MitM) attacks in Kubernetes clusters. A malicious container could redirect traffic by sending rogue IPv6 router advertisemen...
CVE-2025-67499
The CVE-2025-67499 issue affects the CNI portmap plugin (versions 1.6.0–1.8.0) when configured with the nftables backend: it forwards all traffic sharing the host port, ignoring the destination IP, enabling containers requesting HostPort forwarding to intercept traffic not intended for the node. ...