Lucene search
K

7 matches found

OSV
OSV
added 2024/07/01 11:18 a.m.20 views

BIT-HUBBLE-UI-2023-27594

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which...

7.3CVSS7AI score0.00552EPSS
Exploits0References4
OSV
OSV
added 2024/05/15 12:8 p.m.13 views

BIT-CILIUM-2023-27594 Cilium vulnerable to potential network policy bypass when routing IPv6 traffic

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which...

7.3CVSS5.4AI score0.00552EPSS
Exploits0References5
Prion
Prion
added 2023/03/17 8:15 p.m.14 views

Design/Logic Flaw

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which...

7.5CVSS7.1AI score0.00552EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/03/17 7:56 p.m.40 views

CVE-2023-27594 Cilium vulnerable to potential network policy bypass when routing IPv6 traffic

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which...

4.2CVSS7.3AI score0.00552EPSS
Exploits0References4
OSV
OSV
added 2023/03/17 7:56 p.m.20 views

CVE-2023-27594 Cilium vulnerable to potential network policy bypass when routing IPv6 traffic

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which...

4.2CVSS7.2AI score0.00552EPSS
Exploits0References6
OSV
OSV
added 2022/07/15 9:46 p.m.17 views

GHSA-WC5V-R48V-G4VH Cilium host policy bypass in endpoint-routes mode with dual-stack

Impact This vulnerability allows bypassing host policies for IPv6 traffic coming from a Cilium-managed pod and destined to the host-network namespace e.g., to a host-network pod. Host policy enforcement on IPv4 or for traffic coming from outside the node is not affected. Cilium is only affected b...

3.3CVSS7AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/07/15 9:46 p.m.64 views

Cilium host policy bypass in endpoint-routes mode with dual-stack

Impact This vulnerability allows bypassing host policies for IPv6 traffic coming from a Cilium-managed pod and destined to the host-network namespace e.g., to a host-network pod. Host policy enforcement on IPv4 or for traffic coming from outside the node is not affected. Cilium is only affected b...

7AI score
Exploits0References3Affected Software1
Rows per page
Query Builder