CVE-2024-42487: Gateway API route matching order contradicts specification
Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular, request headers are matched before request methods, when the specification describes that the request methods must be respected before headers are matched (HTTPRouteRule, GRPCRouteRule).
If users create Gateway API resources that use both request headers and request methods in order to route to different destinations, then traffic may be delivered to the incorrect backend. If the backend does not have Network Policy restricting acceptable traffic to receive, then requests may access information that you did not intend for them to access.
References
- github.com/advisories/GHSA-qcm3-7879-xcww
- github.com/cilium/cilium
- github.com/cilium/cilium/commit/a3510fe4a92305822aa1a5e08cb6d6c873c8699a
- github.com/cilium/cilium/commit/d88772b9c29e370becbc4547cada6711d51edcde
- github.com/cilium/cilium/commit/fe42273566a943a0f3174c87b23a195c856b51d6
- github.com/cilium/cilium/pull/34109
- github.com/cilium/cilium/security/advisories/GHSA-qcm3-7879-xcww
- nvd.nist.gov/vuln/detail/CVE-2024-42487
Detect and mitigate CVE-2024-42487 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →