14 matches found
EUVD-2024-0947
Malicious code in bioql PyPI...
EUVD-2024-1011
Malicious code in bioql PyPI...
CVE-2024-28250
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's...
Improper Handling Of Exceptional Conditions
github.com/cilium/cilium is vulnerable to Improper Handling of Exceptional Conditions. The vulnerability is due to a misconfiguration in handling Layer 3 and Layer 7 allow policies when port ranges are used, allows an attacker to bypass Layer 7 security policies by exploiting the failure to enfor...
BIT-HUBBLE-UI-2024-28249
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...
BIT-HUBBLE-2024-28250
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's...
BIT-CILIUM-2024-28250
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's...
GO-2024-2657 Unencrypted traffic between nodes with WireGuard in github.com/cilium/cilium
In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies: traffic that should be WireGuard-encrypted is sent unencrypted between a node's Envoy proxy and pods on other nodes, and traffic that should be WireGuard-encrypted is sent unencrypted between a node's DNS proxy and...
Missing Encryption Of Sensitive Data
Cilium is vulnerable to Missing Encryption Of Sensitive Data. The vulnerability is due to WireGuard eligible traffic sent between a node's Envoy/DNS proxy and pods on other nodes being sent unencrypted when traffic matches Layer 7 policies. This issue can expose sensitive data as it travels betwe...
CVE-2024-28250
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's...
CVE-2024-28249 Cilium has possible unencrypted traffic between nodes when using IPsec and L7 policies
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...
CVE-2024-28249 Cilium has possible unencrypted traffic between nodes when using IPsec and L7 policies
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...
CVE-2024-28249 Cilium has possible unencrypted traffic between nodes when using IPsec and L7 policies
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...
Unencrypted traffic between nodes when using WireGuard and L7 policies
Impact In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies: - Traffic that should be WireGuard-encrypted is sent unencrypted between a node's Envoy proxy and pods on other nodes. - Traffic that should be WireGuard-encrypted is sent unencrypted between a node's DNS prox...