Lucene search
K

14 matches found

SUSE CVE
SUSE CVE
added 2026/01/06 12:25 a.m.13 views

SUSE CVE-2025-64715

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.16.17, 1.17.10, and 1.18.4, CiliumNetworkPolicys which use egress.toGroups.aws.securityGroupsIds to reference AWS security group IDs that do not exist or are not attached to any network...

5.5CVSS6.8AI score0.00161EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-8006

Malicious code in bioql PyPI...

4.7CVSS5AI score0.00197EPSS
Exploits0References3
OSV
OSV
added 2025/03/26 7:7 a.m.4 views

BIT-CILIUM-2025-30163 Node based network policies may incorrectly allow workload traffic

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Node based network policies fromNodes and toNodes will incorrectly permit traffic to/from non-node endpoints that share the labels specified in fromNodes and toNodes sections of network policies. Node based...

4.7CVSS3.8AI score0.00197EPSS
Exploits0References4
OSV
OSV
added 2025/03/25 7:38 p.m.5 views

GO-2025-3561 Cilium node based network policies may incorrectly allow workload traffic in github.com/cilium/cilium

Cilium node based network policies may incorrectly allow workload traffic in github.com/cilium/cilium...

4.7CVSS4AI score0.00197EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/03/25 3:51 a.m.14 views

CVE-2025-30162

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services and use LB-IPAM or BGP for LB Service implementation and use network policies to block egress traffic from workloads in a namespace to...

3.2CVSS7AI score0.0021EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/03/24 7:36 p.m.14 views

Cilium node based network policies may incorrectly allow workload traffic

Impact Node based network policies fromNodes and toNodes will incorrectly permit traffic to/from non-node endpoints that share the labels specified in fromNodes and toNodes sections of network policies. Node based network policy is disabled by default in Cilium. Patches This issue was fixed by...

4.7CVSS6.9AI score0.00197EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/24 6:46 p.m.10 views

CVE-2025-30163 Node based network policies may incorrectly allow workload traffic

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Node based network policies fromNodes and toNodes will incorrectly permit traffic to/from non-node endpoints that share the labels specified in fromNodes and toNodes sections of network policies. Node based...

3.4CVSS7AI score0.00197EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/24 6:46 p.m.30 views

CVE-2025-30163 Node based network policies may incorrectly allow workload traffic

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Node based network policies fromNodes and toNodes will incorrectly permit traffic to/from non-node endpoints that share the labels specified in fromNodes and toNodes sections of network policies. Node based...

3.4CVSS0.00197EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/09/27 12:0 a.m.4 views

Cilium Access Control Error Vulnerability

Cilium is an open source software. It is used to provide and transparently secure network connectivity and load balancing between application workloads, such as application containers or processes. An access control error vulnerability exists in Cilium that stems from allowing an attacker to bypa...

8.1CVSS6.8AI score0.00408EPSS
Exploits0References4
OSV
OSV
added 2023/09/26 6:30 p.m.34 views

CVE-2023-39347 Cilium NetworkPolicy bypass via pod labels

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels...

7.6CVSS8.8AI score0.0046EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/09/26 12:0 a.m.2 views

PT-2023-27910 · Cilium · Cilium

Name of the Vulnerable Software and Affected Versions: Cilium versions prior to 1.14.2 Cilium versions prior to 1.13.7 Cilium versions prior to 1.12.14 Description: An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace can affect traffic on an enti...

8.1CVSS6.8AI score0.00408EPSS
Exploits0References17
OSV
OSV
added 2022/08/30 8:6 p.m.13 views

GHSA-PFHR-PCCP-HWMH Network Policies & (Clusterwide) Cilium Network Policies with namespace label selectors may unexpectedly select pods with maliciously crafted labels

Impact If a user has Network Policies with namespace selectors selecting labels of namespaces, or clusterwide Cilium Network Policies matching on namespace labels, then it is possible for an attacker with Kubernetes pod deploy rights either directly or indirectly via higher-level APIs such as...

4.3CVSS7AI score
Exploits0References5
Cvelist
Cvelist
added 2022/05/20 6:30 p.m.29 views

CVE-2022-29179 Improper Privilege Management in Cilium

Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Prior to versions 1.9.16, 1.10.11, and 1.11.15, if an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed,...

7.5CVSS8.5AI score0.00355EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2021/12/15 10:55 a.m.398 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Apache Log4j Zero Day aka Log4Shell aka CVE-2021-44228 I...

10CVSS9.3AI score0.99999EPSS
Exploits351
Rows per page
Query Builder