Product
projectcontour contour
6 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-41246
CVE-2024-36539
CVE-2023-44487
CVE-2023-22834
CVE-2021-32783
CVE-2020-15127
>= 1.19.0 and < 1.31.6
Contour is a Kubernetes ingress controller using Envoy proxy. From v1.19.0 to before v1.33.4, v1.32.5, and v1.31.6, Contour's Cook
all versions
Insecure permissions in contour v1.28.3 allows attackers to access sensitive data and escalate privileges by obtaining the service
< 2023-10-11
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams q
< 9.642.0
The Contour Service was not checking that users had permission to create an analysis for a given dataset. This could allow an atta
< 1.17.1
Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName ty
< 1.7.0
In Contour ( Ingress controller for Kubernetes) before version 1.7.0, a bad actor can shut down all instances of Envoy, essentiall