CVE-2023-39347 vulnerabilities

Vulnerabilities for packages: cilium-fips, cilium...

CVE-2023-39347

creationtimestamp| type| source ---|---|--- 2023-09-27 18:45:59+00:00| seen| https://t.me/cibsecurity/71097...

CVE-2023-39347 Cilium NetworkPolicy bypass via pod labels

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels...