Lucene search
K

3 matches found

Vulnrichment
Vulnrichment
added 2024/10/21 7:5 p.m.28 views

CVE-2024-47825 CIDR deny policies may not take effect when a more narrow CIDR allow is present

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than /32 may be ignored if there is a policy rule referencing a more narrow prefix CIDRSe...

4CVSS6.9AI score0.00391EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 7:3 p.m.12 views

GHSA-3WWX-63FV-PFQ6 Cilium's CIDR deny policies may not take effect when a more narrow CIDR allow is present

Impact A policy rule denying a prefix that is broader than /32 may be ignored if there is - A policy rule referencing a more narrow prefix CIDRSet or toFQDN and - This narrower policy rule specifies either enableDefaultDeny: false or - toEntities: all Note that a rule specifying toEntities: world...

4CVSS6AI score0.00391EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/10/21 7:3 p.m.24 views

Cilium's CIDR deny policies may not take effect when a more narrow CIDR allow is present

Impact A policy rule denying a prefix that is broader than /32 may be ignored if there is - A policy rule referencing a more narrow prefix CIDRSet or toFQDN and - This narrower policy rule specifies either enableDefaultDeny: false or - toEntities: all Note that a rule specifying toEntities: world...

8.7CVSS6.7AI score0.00391EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder