Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:17 a.m.3 views

CVE-2025-23047

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An insecure default Access-Control-Allow-Origin header value could lead to sensitive data exposure for users of Cilium versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4 who...

6.5CVSS6.3AI score0.00481EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-2423

Malicious code in bioql PyPI...

8.1CVSS7.9AI score0.00408EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2388

Malicious code in bioql PyPI...

3.5CVSS4.6AI score0.00448EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 5:31 a.m.4 views

CVE-2023-29002

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the cilium-secrets namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug...

7.2CVSS6.3AI score0.00197EPSS
Exploits0References1
OSV
OSV
added 2025/04/23 8:57 a.m.13 views

BIT-HUBBLE-RELAY-2025-32793 Cilium packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0 to 1.16.8, and 1.17.0 to 1.17.2, are vulnerable when using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can lea...

4CVSS4.2AI score0.00118EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 12:39 a.m.6 views

CVE-2024-37307

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...

7.9CVSS7.6AI score0.0018EPSS
Exploits0
OSV
OSV
added 2025/01/27 7:9 a.m.9 views

BIT-CILIUM-2025-23047 Cilium vulnerable to information leakage via insecure default Hubble UI CORS header

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An insecure default Access-Control-Allow-Origin header value could lead to sensitive data exposure for users of Cilium versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4 who...

6.5CVSS6.2AI score0.00481EPSS
Exploits0References3
OSV
OSV
added 2024/03/18 9:42 p.m.7 views

CVE-2024-28250 Cilium has possible unencrypted traffic between nodes when using WireGuard and L7 policies

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's...

6.1CVSS6AI score0.00172EPSS
Exploits0References6
Rows per page
Query Builder