Go modules package
github.com/weaveworks/weave
pkg:golang/github.com/weaveworks/weave
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-11091 | — | < 2.6.3 | 2.6.3 | Jun 3, 2020 | In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host (v |
- CVE-2020-11091Jun 3, 2020affected < 2.6.3fixed 2.6.3
In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host (v