2 matches found
CVE-2025-30163
CVE-2025-30163 affects Cilium’s node-based network policies: policies using fromNodes/toNodes may incorrectly permit traffic to/from non-node endpoints sharing the same labels. Affected versions are Cilium v1.16.0–v1.16.7 and v1.17.0–v1.17.1; the issue is fixed in v1.16.8 and v1.17.2. Root cause:...
CVE-2024-13484 Openshift-gitops-operator-container: namespace isolation break
A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the...