Lucene search
K

164 matches found

OSV
OSV
added 2024/07/01 11:15 a.m.18 views

BIT-HUBBLE-UI-2024-28249

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6AI score0.00271EPSS
Exploits0References4
OSV
OSV
added 2024/07/01 11:10 a.m.12 views

BIT-CILIUM-PROXY-2024-28249

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6AI score0.00271EPSS
Exploits0References4
NVD
NVD
added 2024/05/01 7:15 a.m.19 views

CVE-2024-32017

RIOT is a real-time multi-threading operating system that supports a range of devices that are typically 8-bit, 16-bit and 32-bit microcontrollers. The size check in the gcoapdnsserverproxyget function contains a small typo that may lead to a buffer overflow in the subsequent strcpy. In detail, t...

9.8CVSS10AI score0.01476EPSS
Exploits2References5
OSV
OSV
added 2024/03/22 6:39 p.m.14 views

GO-2024-2656 Unencrypted traffic between nodes with IPsec in github.com/cilium/cilium

In Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, traffic that should be IPsec-encrypted between a node's Envoy proxy and pods on other nodes is sent unencrypted, and traffic that should be IPsec-encrypted between a node's DNS proxy and pods on other nodes is sent...

6.1CVSS6AI score0.00271EPSS
Exploits0References1
NVD
NVD
added 2024/03/18 10:15 p.m.28 views

CVE-2024-28249

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6.1AI score0.00271EPSS
Exploits0References4
OSV
OSV
added 2024/03/18 9:36 p.m.9 views

CVE-2024-28249 Cilium has possible unencrypted traffic between nodes when using IPsec and L7 policies

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6AI score0.00271EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2024/03/18 8:33 p.m.27 views

Unencrypted traffic between nodes when using WireGuard and L7 policies

Impact In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies: - Traffic that should be WireGuard-encrypted is sent unencrypted between a node's Envoy proxy and pods on other nodes. - Traffic that should be WireGuard-encrypted is sent unencrypted between a node's DNS prox...

6.1CVSS6.8AI score0.00172EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/18 12:0 a.m.3 views

PT-2024-22366 · Cilium · Cilium

Name of the Vulnerable Software and Affected Versions: Cilium versions 1.14.0 through 1.14.7 Cilium versions 1.15.0 through 1.15.1 Cilium version 1.14.4 with encryption.wireguard.encapsulate set to false in tunneling mode Description: In Cilium clusters with WireGuard enabled and traffic matching...

6.1CVSS6.8AI score0.00172EPSS
Exploits0References18
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.19 views

openSUSE: Security Advisory for connman (openSUSE-SU-2023:0369-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.00964EPSS
Exploits1References2
OSV
OSV
added 2023/11/14 3:14 p.m.6 views

OPENSUSE-SU-2023:0370-1 Security update for connman

This update for connman fixes the following issues: - Update to 1.42 Fix issue with iwd and signal strength calculation. Fix issue with iwd and handling service removal. Fix issue with iwd and handling new connections. Fix issue with handling default online check URL. Fix issue with handling...

6.5CVSS7AI score0.00964EPSS
Exploits1References3
OSV
OSV
added 2023/11/14 3:14 p.m.9 views

OPENSUSE-SU-2023:0369-1 Security update for connman

This update for connman fixes the following issues: Update to 1.42 Fix issue with iwd and signal strength calculation. Fix issue with iwd and handling service removal. Fix issue with iwd and handling new connections. Fix issue with handling default online check URL. Fix issue with handling...

6.5CVSS6.8AI score0.00964EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/10/31 12:0 a.m.43 views

GLSA-202310-21 : ConnMan: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202310-21 ConnMan: Multiple Vulnerabilities - An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an...

9.8CVSS8.4AI score0.02598EPSS
Exploits3References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.4 views

SUSE CVE-2022-23097

An issue was discovered in the DNS proxy in Connman through 1.40. forwarddnsreply mishandles a strnlen call, leading to an out-of-bounds read...

9.1CVSS7.9AI score0.02372EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.2 views

SUSE CVE-2022-23096

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read...

9.1CVSS8AI score0.02598EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.1 views

SUSE CVE-2022-23098

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received...

7.5CVSS7.6AI score0.02485EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/10/11 12:0 a.m.38 views

Debian dla-3144 : connman - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3144 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3144-1 [email protected]...

9.1CVSS7.9AI score0.02598EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2022/09/20 12:0 a.m.35 views

Debian DSA-5231-1 : connman - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5231 advisory. Several vulnerabilities were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary...

9.8CVSS8.1AI score0.02598EPSS
Exploits3References14
CNNVD
CNNVD
added 2022/08/15 12:0 a.m.8 views

Domain Name Relay Daemon 安全漏洞

Domain Name Relay Daemon DNRD is a Sourceforge open source caching, forwarding DNS proxy server. A security vulnerability exists in DNRD Domain Name Relay Daemon version 2.20.3, which stems from a domain name and its associated IP address being cached in its misinterpreted form, where the...

5.3CVSS5.7AI score0.00738EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/08/15 12:0 a.m.4 views

dproxy 安全漏洞

dproxy is an intelligent caching DNS proxy by Matthew Pratt, a personal developer. A security vulnerability exists in dproxy that stems from setting the CD aka Check Disabled bit to 1, which causes the DNSSEC protection provided by the upstream resolver to be disabled...

5.3CVSS5.7AI score0.00753EPSS
Exploits1References4
Fedora
Fedora
added 2022/07/17 1:15 a.m.45 views

[SECURITY] Fedora 35 Update: dnscrypt-proxy-2.1.1-4.fc35

A flexible DNS proxy, with support for modern encrypted DNS protocols such as DNSCrypt v2 and DNS-over-HTTP/2. Features: - DNS traffic encryption and authentication. Supports DNS-over-HTTPS DoH and DNSCrypt. - DNSSEC compatible - DNS query monitoring, with separate log files for regular and...

9.3CVSS8.5AI score0.05994EPSS
Exploits4
Rows per page
Query Builder