14 matches found
SUSE CVE-2025-64715
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.16.17, 1.17.10, and 1.18.4, CiliumNetworkPolicys which use egress.toGroups.aws.securityGroupsIds to reference AWS security group IDs that do not exist or are not attached to any network...
EUVD-2025-8006
Malicious code in bioql PyPI...
BIT-CILIUM-2025-30163 Node based network policies may incorrectly allow workload traffic
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Node based network policies fromNodes and toNodes will incorrectly permit traffic to/from non-node endpoints that share the labels specified in fromNodes and toNodes sections of network policies. Node based...
GO-2025-3561 Cilium node based network policies may incorrectly allow workload traffic in github.com/cilium/cilium
Cilium node based network policies may incorrectly allow workload traffic in github.com/cilium/cilium...
CVE-2025-30162
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services and use LB-IPAM or BGP for LB Service implementation and use network policies to block egress traffic from workloads in a namespace to...
Cilium node based network policies may incorrectly allow workload traffic
Impact Node based network policies fromNodes and toNodes will incorrectly permit traffic to/from non-node endpoints that share the labels specified in fromNodes and toNodes sections of network policies. Node based network policy is disabled by default in Cilium. Patches This issue was fixed by...
CVE-2025-30163 Node based network policies may incorrectly allow workload traffic
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Node based network policies fromNodes and toNodes will incorrectly permit traffic to/from non-node endpoints that share the labels specified in fromNodes and toNodes sections of network policies. Node based...
CVE-2025-30163 Node based network policies may incorrectly allow workload traffic
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Node based network policies fromNodes and toNodes will incorrectly permit traffic to/from non-node endpoints that share the labels specified in fromNodes and toNodes sections of network policies. Node based...
Cilium Access Control Error Vulnerability
Cilium is an open source software. It is used to provide and transparently secure network connectivity and load balancing between application workloads, such as application containers or processes. An access control error vulnerability exists in Cilium that stems from allowing an attacker to bypa...
CVE-2023-39347 Cilium NetworkPolicy bypass via pod labels
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels...
PT-2023-27910 · Cilium · Cilium
Name of the Vulnerable Software and Affected Versions: Cilium versions prior to 1.14.2 Cilium versions prior to 1.13.7 Cilium versions prior to 1.12.14 Description: An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace can affect traffic on an enti...
GHSA-PFHR-PCCP-HWMH Network Policies & (Clusterwide) Cilium Network Policies with namespace label selectors may unexpectedly select pods with maliciously crafted labels
Impact If a user has Network Policies with namespace selectors selecting labels of namespaces, or clusterwide Cilium Network Policies matching on namespace labels, then it is possible for an attacker with Kubernetes pod deploy rights either directly or indirectly via higher-level APIs such as...
CVE-2022-29179 Improper Privilege Management in Cilium
Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Prior to versions 1.9.16, 1.10.11, and 1.11.15, if an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed,...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Apache Log4j Zero Day aka Log4Shell aka CVE-2021-44228 I...