
23 matches found

EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2021-6961

Malicious code in bioql PyPI...

CVSS 5.8 | AI score 5.7 | EPSS 0.00229
Exploits 0 | References 2
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2023-1449

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.4 | EPSS 0.00173
Exploits 0 | References 6
Tenable Nessus
added 2025/09/10 12:0 a.m. | 1 views

Linux Distros Unpatched Vulnerability : CVE-2021-1494

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configure...

CVSS 5.8 | AI score 6 | EPSS 0.00229
Exploits 0 | References 2
RedhatCVE
added 2025/05/23 3:44 a.m. | 2 views

CVE-2023-30851

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple toEndpoints AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be...

CVSS 5.3 | AI score 5.3 | EPSS 0.00173
Exploits 0 | References 1
OSV
added 2024/08/20 8:31 p.m. | 10 views

GO-2023-1785 Potential HTTP policy bypass when using header rules in Cilium in github.com/cilium/cilium

Potential HTTP policy bypass when using header rules in Cilium in github.com/cilium/cilium...

CVSS 5.3 | AI score 4.4 | EPSS 0.00173
Exploits 0 | References 5
OSV
added 2024/07/01 11:17 a.m. | 10 views

BIT-HUBBLE-UI-2023-30851

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple toEndpoints AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be...

CVSS 5.3 | AI score 4.4 | EPSS 0.00173
Exploits 0 | References 4
OSV
added 2024/07/01 11:15 a.m. | 11 views

BIT-HUBBLE-UI-2024-28248

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being...

CVSS 7.2 | AI score 6.7 | EPSS 0.01021
Exploits 0 | References 5
OSV
added 2024/07/01 11:12 a.m. | 15 views

BIT-CILIUM-PROXY-2023-30851

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple toEndpoints AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be...

CVSS 5.3 | AI score 4.4 | EPSS 0.00173
Exploits 0 | References 4
OSV
added 2024/06/04 9:43 a.m. | 13 views

BIT-HUBBLE-2024-28248

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being...

CVSS 7.2 | AI score 6.7 | EPSS 0.01021
Exploits 0 | References 5
OSV
added 2024/05/24 7:21 p.m. | 10 views

BIT-HUBBLE-RELAY-2024-28248

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being...

CVSS 7.2 | AI score 6.7 | EPSS 0.01021
Exploits 0 | References 5
OSV
added 2024/05/15 12:5 p.m. | 11 views

BIT-CILIUM-2024-28248

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being...

CVSS 7.2 | AI score 6.7 | EPSS 0.01021
Exploits 0 | References 5
Vulnrichment
added 2024/03/18 9:31 p.m. | 12 views

CVE-2024-28248 Cilium intermittent HTTP policy bypass

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being...

CVSS 7.2 | AI score 6.7 | EPSS 0.01021
Exploits 0 | References 5
Github Security Blog
added 2024/03/18 8:30 p.m. | 16 views

Intermittent HTTP policy bypass

Impact Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being incorrectly and intermittently forwarded when it should be dropped. Patches This issue affects: Cilium v1.13 between v1.13.9 and v1.13.12 inclusive Cilium v1.14...

CVSS 7.2 | AI score 6.6 | EPSS 0.01021
Exploits 0 | References 7 | Affected Software 1
CNNVD
added 2023/09/08 12:0 a.m. | 3 views

Quarkus Security Vulnerabilities

Quarkus is a cloud-native Linux container-first framework for writing Java applications. A security vulnerability exists in Quarkus that stems from one of the HTTP security policies failing to properly clean up certain character alignments when accepting a request, resulting in incorrect privileg...

CVSS 8.1 | AI score 6.8 | EPSS 0.00455
Exploits 1 | References 16
CVE
added 2023/08/15 6:25 p.m. | 33 views

CVE-2023-4342

CVE-2023-4342 affects the Broadcom RAID Controller web interface. Root cause: insecure defaults due to a missing HTTP Strict-Transport-Security policy. Documented impact indicates high confidentiality, integrity, and availability risk from a network-accessible web interface, with exploitation det...

CVSS 9.8 | AI score 9.5 | EPSS 0.00106
Exploits 0 | References 2 | Affected Software 1
NVD
added 2023/05/25 6:15 p.m. | 11 views

CVE-2023-30851

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple toEndpoints AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be...

CVSS 5.3 | AI score 4.2 | EPSS 0.00173
Exploits 0 | References 4
Prion
added 2023/05/25 6:15 p.m. | 17 views

Design/Logic Flaw

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple toEndpoints AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be...

CVSS 2.1 | AI score 5.3 | EPSS 0.00173
Exploits 0 | References 4 | Affected Software 1
CVE
added 2023/05/25 5:47 p.m. | 367 views

CVE-2023-30851

CVE-2023-30851 affects Cilium’s eBPF dataplane. When a HTTP policy targets multiple toEndpoints and an allow-all rule affects only one endpoint, a wildcard rule is appended to the HTTP rules, potentially bypassing the policy. This issue has been patched in Cilium releases 1.11.16, 1.12.9, and 1.1...

CVSS 5.3 | AI score 4.4 | EPSS 0.00173
Exploits 0 | References 4 | Affected Software 1
Vulnrichment
added 2023/05/25 5:47 p.m. | 5 views

CVE-2023-30851 Potential HTTP policy bypass when using header rules in Cilium

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple toEndpoints AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be...

CVSS 2.6 | AI score 6.8 | EPSS 0.00173
Exploits 0 | References 4
Veracode
added 2023/05/24 6:39 a.m. | 13 views

Authentication Bypass

github.com/cilium/cilium is vulnerable to Authentication Bypass. The vulnerability exists in the addRulesForEndpoints function at l4.go when the HTTP policy applies to multiple endpoints, which allows an attacker to bypass the HTTP policy rules and perform unauthorized actions...

CVSS 5.3 | AI score 6.9 | EPSS 0.00173
Exploits 0 | References 11 | Affected Software 1