CVE-2026-41184
- EPSS 0.5%
- Published 28.05.2026 15:47:42
- Last modified 05.06.2026 17:05:19
In Calico, the install-cni init container logs the rendered CNI configuration to standard output. When the configuration template uses the __SERVICEACCOUNT_TOKEN__ placeholder (Canal/Flannel-Calico deployments), the installer substitutes the live Kub...
CVE-2026-41185
- EPSS 0.32%
- Published 28.05.2026 15:47:42
- Last modified 05.06.2026 17:03:34
When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unmarshaled co...
CVE-2026-6720
- EPSS 0.22%
- Published 28.05.2026 15:47:42
- Last modified 29.05.2026 15:39:34
When calicoctl is invoked with --log-level=info or --log-level=debug, the client prints the full contents of its loaded connection-configuration struct to stderr in a single log line. The struct embeds every credential calicoctl uses to talk to the c...
CVE-2022-28224
- EPSS 0.56%
- Published 06.06.2022 18:15:09
- Last modified 30.09.2025 18:45:43
Clusters using Calico (version 3.22.1 and below), Calico Enterprise (version 3.12.0 and below), may be vulnerable to route hijacking with the floating IP feature. Due to insufficient validation, a privileged attacker may be able to set a floating IP ...