Description
Incorrect behavior order in the Gateway API listener-rule generation in Amazon AWS Load Balancer Controller before 3.4.2 might allow an authenticated remote user to intercept, spoof, or deny another namespace's gRPC traffic on a shared Gateway via a crafted HTTPRoute resource.
To mitigate this issue, users should upgrade to version 3.4.2.
To mitigate this issue, users should upgrade to version 3.4.2.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Tue, 14 Jul 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Incorrect behavior order in the Gateway API listener-rule generation in Amazon AWS Load Balancer Controller before 3.4.2 might allow an authenticated remote user to intercept, spoof, or deny another namespace's gRPC traffic on a shared Gateway via a crafted HTTPRoute resource. To mitigate this issue, users should upgrade to version 3.4.2. | |
| Title | Cross-namespace traffic interception via incorrect route precedence ordering in AWS Load Balancer Controller | |
| First Time appeared |
Amazon
Amazon aws-load-balancer-controller |
|
| Weaknesses | CWE-653 | |
| CPEs | cpe:2.3:a:amazon:aws-load-balancer-controller:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Amazon
Amazon aws-load-balancer-controller |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: AMZN
Published:
Updated: 2026-07-14T20:19:23.721Z
Reserved: 2026-07-14T14:02:30.277Z
Link: CVE-2026-15738
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-653
Improper Isolation or Compartmentalization