Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-0947

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00271EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-1011

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00172EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 7:45 a.m.5 views

CVE-2024-28250

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's...

6.1CVSS6.1AI score0.00172EPSS
Exploits0References1
Veracode
Veracode
added 2024/12/09 7:53 a.m.8 views

Improper Handling Of Exceptional Conditions

github.com/cilium/cilium is vulnerable to Improper Handling of Exceptional Conditions. The vulnerability is due to a misconfiguration in handling Layer 3 and Layer 7 allow policies when port ranges are used, allows an attacker to bypass Layer 7 security policies by exploiting the failure to enfor...

5.8CVSS5.5AI score0.00507EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/07/01 11:15 a.m.19 views

BIT-HUBBLE-UI-2024-28249

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6AI score0.00271EPSS
Exploits0References4
OSV
OSV
added 2024/06/04 9:42 a.m.9 views

BIT-HUBBLE-2024-28250

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's...

6.1CVSS6AI score0.00172EPSS
Exploits0References4
OSV
OSV
added 2024/05/15 12:5 p.m.35 views

BIT-CILIUM-2024-28250

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's...

6.1CVSS6AI score0.00172EPSS
Exploits0References4
OSV
OSV
added 2024/03/22 6:38 p.m.30 views

GO-2024-2657 Unencrypted traffic between nodes with WireGuard in github.com/cilium/cilium

In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies: traffic that should be WireGuard-encrypted is sent unencrypted between a node's Envoy proxy and pods on other nodes, and traffic that should be WireGuard-encrypted is sent unencrypted between a node's DNS proxy and...

6.1CVSS6AI score0.00172EPSS
Exploits0References1
Veracode
Veracode
added 2024/03/22 9:1 a.m.17 views

Missing Encryption Of Sensitive Data

Cilium is vulnerable to Missing Encryption Of Sensitive Data. The vulnerability is due to WireGuard eligible traffic sent between a node's Envoy/DNS proxy and pods on other nodes being sent unencrypted when traffic matches Layer 7 policies. This issue can expose sensitive data as it travels betwe...

6.1CVSS6.6AI score0.00172EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2024/03/18 10:15 p.m.35 views

CVE-2024-28250

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's...

6.1CVSS6.1AI score0.00172EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/03/18 9:36 p.m.33 views

CVE-2024-28249 Cilium has possible unencrypted traffic between nodes when using IPsec and L7 policies

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6.3AI score0.00271EPSS
Exploits0References4
OSV
OSV
added 2024/03/18 9:36 p.m.9 views

CVE-2024-28249 Cilium has possible unencrypted traffic between nodes when using IPsec and L7 policies

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6AI score0.00271EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/03/18 9:36 p.m.8 views

CVE-2024-28249 Cilium has possible unencrypted traffic between nodes when using IPsec and L7 policies

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6.7AI score0.00271EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/03/18 8:33 p.m.27 views

Unencrypted traffic between nodes when using WireGuard and L7 policies

Impact In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies: - Traffic that should be WireGuard-encrypted is sent unencrypted between a node's Envoy proxy and pods on other nodes. - Traffic that should be WireGuard-encrypted is sent unencrypted between a node's DNS prox...

6.1CVSS6.8AI score0.00172EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder