Vulnerabilities > Getambassador

DATE CVE VULNERABILITY TITLE RISK
2021-07-09 CVE-2021-36371 Improper Certificate Validation vulnerability in Getambassador Emissary-Ingress
Emissary-Ingress (formerly Ambassador API Gateway) through 1.13.9 allows attackers to bypass client certificate requirements (i.e., mTLS cert_required) on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate authentication.
4.3