github.com/weaveworks/weave is vulnerable to man-in-the-middle attacks. IPv4 only clusters allows for MitM attacks via IPv6 rogue router advertisements if an attacker is able to run a process as root in a container and is able to respond to DNS requests from the host.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/weaveworks/weave | le | 2.6.2 |