Go modules package
github.com/kgateway-dev/kgateway/v2
pkg:golang/github.com/kgateway-dev/kgateway/v2
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-64323 | Med | 5.3 | >= 2.1.0-agw-cel-rbac, < 2.1.0 | 2.1.0 | Nov 7, 2025 | kgateway is a Cloud-Native API and AI Gateway. Versions 2.0.4 and below and 2.1.0-agw-cel-rbac through 2.1.0-rc.2 lack authentication, allowing any client with unrestricted network access to the xDS port to retrieve potentially sensitive configuration data including certificate d |
- affected >= 2.1.0-agw-cel-rbac, < 2.1.0fixed 2.1.0
kgateway is a Cloud-Native API and AI Gateway. Versions 2.0.4 and below and 2.1.0-agw-cel-rbac through 2.1.0-rc.2 lack authentication, allowing any client with unrestricted network access to the xDS port to retrieve potentially sensitive configuration data including certificate d