Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2026-42965
- EPSS 0.23%
- Veröffentlicht 29.05.2026 09:50:44
- Zuletzt bearbeitet 30.06.2026 03:19:42
A flaw was found in the OpenShift Router. A user with EndpointSlice write access can exploit this vulnerability by creating a Service backed by an FQDN (Fully Qualified Domain Name) EndpointSlice that resolves to a cloud metadata endpoint. This allow...
7.5
CVE-2026-46579
- EPSS 0.23%
- Veröffentlicht 29.05.2026 09:50:44
- Zuletzt bearbeitet 30.06.2026 03:20:22
A flaw was found in the OpenShift Router. When a Route has `insecureEdgeTerminationPolicy` set to Allow, the HTTP frontend does not remove `X-SSL-Client-*` headers from incoming requests. This allows an unauthenticated attacker to send plain HTTP req...
1