Kgateway transformation policy template can emit files from the container

Summary The transformation policy template feature in Kgateway versions through 2.0.4 allows users with TrafficPolicy creation permissions to craft transformations that read and expose arbitrary files from the dataplane container filesystem. Description Impact Users with permissions to create a...

EUVD-2024-0947

Malicious code in bioql PyPI...

EUVD-2024-0762

Malicious code in bioql PyPI...

EUVD-2024-2923

Malicious code in bioql PyPI...

EUVD-2023-1449

Malicious code in bioql PyPI...

EUVD-2024-2630

Malicious code in bioql PyPI...

EUVD-2024-1011

Malicious code in bioql PyPI...

EUVD-2025-0150

Malicious code in bioql PyPI...

EUVD-2024-2669

Malicious code in bioql PyPI...

EUVD-2025-12230

Malicious code in bioql PyPI...

EUVD-2024-0842

Malicious code in bioql PyPI...

EUVD-2023-2388

Malicious code in bioql PyPI...

EUVD-2024-2192

Malicious code in bioql PyPI...

EUVD-2024-0547

Malicious code in bioql PyPI...

EUVD-2023-1875

Malicious code in bioql PyPI...

EUVD-2023-2423

Malicious code in bioql PyPI...

CVE-2024-47825

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than /32 may be ignored if there is a policy rule referencing a more narrow prefix CIDRSe...

CVE-2024-42487

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In the 1.15 branch prior to 1.15.8 and the 1.16 branch prior to 1.16.1, Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular,...

CVE-2024-52529

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For users with the following configuration: 1. An allow policy that selects a Layer 3 destination and a port range AND 2. A Layer 7 allow policy that selects a specific port within the first policy's range...

CVE-2024-25630

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who are using CRDs to store Cilium state the default configuration and Wireguard transparent encryption, traffic to/from the Ingress and health endpoints is not encrypted. This issue affect...