Github.Com Containernetworking Plugins vulnerabilities

CVE-2025-67499 [MEDIUM] CWE-200 CNA Plugins Portmap nftables backend can intercept non-local traffic CNA Plugins Portmap nftables backend can intercept non-local traffic ### Background The CNI `portmap` plugin allows containers to emulate opening a host port, forwarding that traffic to the container. For example, if a host has the IP 198.51.100.42, a container may request that all packets to `198.51.100.42:53` be forwarded to the container's network. ### Vulnerability When the `portmap` plug

CVE-2020-10749 [MEDIUM] CWE-300 containernetworking/plugins vulnerable to MitM attacks containernetworking/plugins vulnerable to MitM attacks A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious con