Lucene search
GoogleOSV:GO-2024-2653HistoryMar 22, 2024 - 6:44 p.m.
HTTP policy bypass in github.com/cilium/cilium
2024-03-2218:44:07
Google
osv.dev
11
cilium
http
policy
bypass
github
repository
issue
traffic
software
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
48.0%
Cilium’s HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being incorrectly and intermittently forwarded when it should be dropped.
Related
osv
osv
BIT-cilium-proxy-2024-28248
2024-07-01 11:11:03
BIT-hubble-relay-2024-28248
2024-05-24 19:21:07
BIT-cilium-2024-28248
2024-05-15 12:05:44
cve
cve
CVE-2024-28248
2024-03-18 22:15:08
veracode
veracode
HTTP Policy Bypass
2024-03-21 06:42:47
wolfi
wolfi
CVE-2024-28248 vulnerabilities
2024-09-27 09:13:12
vulnrichment
vulnrichment
CVE-2024-28248 Cilium intermittent HTTP policy bypass
2024-03-18 21:31:51
github
github
Intermittent HTTP policy bypass
2024-03-18 20:30:22
cgr
cgr
CVE-2024-28248 vulnerabilities
2024-05-19 03:07:16
nvd
nvd
CVE-2024-28248
2024-03-18 22:15:08
cvelist
cvelist
CVE-2024-28248 Cilium intermittent HTTP policy bypass
2024-03-18 21:31:51
wallarmlab
wallarmlab
The Other Crowdstrike Outage
2024-08-19 19:36:15
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
48.0%
Related for OSV:GO-2024-2653