F5

Big-ip Next Service Proxy For Kubernetes

21 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-61990

  • EPSS 0.11%
  • Veröffentlicht 15.10.2025 15:19:52
  • Zuletzt bearbeitet 21.10.2025 12:12:24

When using a multi-bladed platform with more than one blade, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5

CVE-2025-61974

  • EPSS 0.11%
  • Veröffentlicht 15.10.2025 13:55:55
  • Zuletzt bearbeitet 21.10.2025 21:09:04

When a client SSL profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5

CVE-2025-58120

  • EPSS 0.13%
  • Veröffentlicht 15.10.2025 13:55:51
  • Zuletzt bearbeitet 22.10.2025 20:49:29

When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

6.5

CVE-2025-55670

  • EPSS 0.1%
  • Veröffentlicht 15.10.2025 13:55:48
  • Zuletzt bearbeitet 22.10.2025 20:49:14

On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) a...

6.5

CVE-2025-54805

  • EPSS 0.1%
  • Veröffentlicht 15.10.2025 13:55:48
  • Zuletzt bearbeitet 21.10.2025 20:14:45

When an iRule is configured on a virtual server via the declarative API, upon re-instantiation, the cleanup process can cause an increase in the Traffic Management Microkernel (TMM) memory resource utilization.  Note: Software versions which have rea...

7.5

CVE-2025-46706

  • EPSS 0.11%
  • Veröffentlicht 15.10.2025 13:55:45
  • Zuletzt bearbeitet 21.10.2025 18:54:09

When an iRule containing the HTTP::respond command is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evalua...

7.5

CVE-2025-60016

  • EPSS 0.11%
  • Veröffentlicht 15.10.2025 13:55:44
  • Zuletzt bearbeitet 22.10.2025 21:06:10

When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Mi...

7.5

CVE-2025-48008

  • EPSS 0.11%
  • Veröffentlicht 15.10.2025 13:55:44
  • Zuletzt bearbeitet 21.10.2025 18:53:07

When a TCP profile with Multipath TCP (MPTCP) enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions...

7.5

CVE-2025-54500

Medienbericht
  • EPSS 0.11%
  • Veröffentlicht 13.08.2025 14:46:55
  • Zuletzt bearbeitet 03.11.2025 20:19:14

An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit (HTTP/2 MadeYouReset Attack).  Note: Software versions which have reached End of Technical Su...

8.7

CVE-2025-41399

Medienbericht
  • EPSS 0.09%
  • Veröffentlicht 07.05.2025 22:15:20
  • Zuletzt bearbeitet 21.10.2025 18:43:09

When a Stream Control Transmission Protocol (SCTP) profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are no...