119 matches found
BIT-HUBBLE-RELAY-2024-42487 Cilium's Gateway API route matching order contradicts specification
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In the 1.15 branch prior to 1.15.8 and the 1.16 branch prior to 1.16.1, Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular,...
BIT-CILIUM-2024-42487 Cilium's Gateway API route matching order contradicts specification
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In the 1.15 branch prior to 1.15.8 and the 1.16 branch prior to 1.16.1, Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular,...
BIT-CILIUM-OPERATOR-2024-42487 Cilium's Gateway API route matching order contradicts specification
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In the 1.15 branch prior to 1.15.8 and the 1.16 branch prior to 1.16.1, Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular,...
Security Bypass
github.com/cilium/cilium is vulnerable to Security Bypass. The vulnerability is due to improper implementation of match precedence in Gateway API HTTPRoutes and GRPCRoutes, where request headers are matched before request methods. It allows an attacker to exploit the incorrect request handling...
Cilium 安全漏洞
Cilium is an open source software from Cilium Open Source. It is used to provide and transparently secure network connectivity and load balancing between application workloads, such as application containers or processes. A security vulnerability exists in Cilium versions 1.15.0 through prior to...
PT-2024-29983 · Cilium · Cilium
Name of the Vulnerable Software and Affected Versions: Cilium versions 1.15.x through 1.15.7 Cilium version 1.16.0 Description: The issue arises from incorrect propagation of ReferenceGrant changes in Cilium's GatewayAPI controller. This could lead to Gateway resources accessing secrets for longe...
Gateway API route matching order contradicts specification
Impact Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular, request headers are matched before request methods, when the specification describes that the request methods must be respected before headers are matched...
GHSA-QCM3-7879-XCWW Gateway API route matching order contradicts specification
Impact Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular, request headers are matched before request methods, when the specification describes that the request methods must be respected before headers are matched...
CVE-2024-42487
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In the 1.15 branch prior to 1.15.8 and the 1.16 branch prior to 1.16.1, Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular,...
CVE-2024-42487 Cilium's Gateway API route matching order contradicts specification
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In the 1.15 branch prior to 1.15.8 and the 1.16 branch prior to 1.16.1, Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular,...
CVE-2024-42487 Cilium's Gateway API route matching order contradicts specification
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In the 1.15 branch prior to 1.15.8 and the 1.16 branch prior to 1.16.1, Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular,...
CVE-2024-42487
Cilium (1.15.x before 1.15.8 and 1.16.x before 1.16.1) has a header-vs-methods match-order flaw in Gateway API HTTPRoutes/GRPCRoutes. The match precedence described by the Gateway API specification is violated, causing potential security-related misbehavior. Affected component: eBPF-based datapla...
CVE-2024-42487 Cilium's Gateway API route matching order contradicts specification
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In the 1.15 branch prior to 1.15.8 and the 1.16 branch prior to 1.16.1, Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular,...
PT-2024-29984 · Cilium · Cilium
Name of the Vulnerable Software and Affected Versions: Cilium versions 1.15.0 through 1.15.7 Cilium version 1.16.0 Description: The Gateway API HTTPRoutes and GRPCRoutes in Cilium do not follow the match precedence specified in the Gateway API specification. Request headers are matched before...
Cilium 安全漏洞
Cilium is an open source software from Cilium Open Source. It is used to provide and transparently secure network connectivity and load balancing between application workloads such as application containers or processes. A security vulnerability exists in Cilium versions prior to 1.15.8 and 1.16....
BIT-HUBBLE-UI-BACKEND-2023-34242
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in which a ReferenceGrant is created could result in Cilium unintentionally gaining visibility of...
BIT-HUBBLE-UI-2023-34242
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in which a ReferenceGrant is created could result in Cilium unintentionally gaining visibility of...
BIT-HUBBLE-UI-2024-37307
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...
BIT-HUBBLE-UI-BACKEND-2024-37307
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run with the --envoy-dump flag set against Cilium...
BIT-CILIUM-PROXY-2023-34242
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in which a ReferenceGrant is created could result in Cilium unintentionally gaining visibility of...