Browse all 8 CVE security advisories affecting weaveworks. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Weaveworks develops cloud-native networking and observability solutions, primarily focusing on the Weave Net and Weave GitOps platforms. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation issues. Security researchers have identified flaws in their container networking components that could allow unauthorized access or container escapes. While no major public security incidents have been widely reported, the 8 CVEs on record highlight potential risks in their networking stack, particularly around authentication and input validation. Their open-source nature encourages community scrutiny but also exposes code to broader vulnerability discovery efforts.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-34236 | Information Disclosure Vulnerability in Weave GitOps Terraform Controller — tf-controllerCWE-200 | 8.5 | High | 2023-07-14 |
This page lists every published CVE security advisory associated with weaveworks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.