Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Traefik has Knative Ingress Rule Injection that Allows Host Restriction Bypass
Vulnerability Description
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules by interpolating user-controlled values into backtick-delimited rule expressions without escaping. In live cluster validation, Knative `rules[].hosts[]` was exploitable for host restriction bypass (for example `tenant.example.com`) || Host(`attacker.com`), producing a router that serves attacker-controlled hosts. Knative `headers[].exact` also allows rule-syntax injection and proves unsafe rule construction. In multi-tenant clusters, this can route unauthorized traffic to victim services and lead to cross-tenant traffic exposure. Versions 3.6.11 and 3.7.0-ea.2 patch the issue.
CVSS Information
N/A
Vulnerability Type
输出中的特殊元素转义处理不恰当(注入)
Vulnerability Title
Traefik 注入漏洞
Vulnerability Description
Traefik是Traefik开源的一款反向代理与负载均衡工具。 Traefik 3.6.11之前版本和3.7.0-ea.2之前版本存在注入漏洞,该漏洞源于Knative提供程序通过将用户控制的值插入到反引号分隔的规则表达式中来构建路由器规则而未进行转义,可能导致在多租户集群中路由未经授权的流量到受害者服务并导致跨租户流量暴露。
CVSS Information
N/A
Vulnerability Type
N/A