Lucene search
K

80 matches found

OSV
OSV
added 2024/07/01 11:17 a.m.16 views

BIT-HUBBLE-UI-BACKEND-2023-41332

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In Cilium clusters where Cilium's Layer 7 proxy has been disabled, creating workloads with policy.cilium.io/proxy-visibility annotations in Cilium = v1.13 or io.cilium.proxy-visibility annotations in Cilium...

3.5CVSS3.5AI score0.00448EPSS
Exploits1References2
OSV
OSV
added 2024/07/01 11:15 a.m.19 views

BIT-HUBBLE-UI-2024-28249

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6AI score0.00271EPSS
Exploits0References4
OSV
OSV
added 2024/07/01 11:12 a.m.10 views

BIT-CILIUM-PROXY-2023-41332

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In Cilium clusters where Cilium's Layer 7 proxy has been disabled, creating workloads with policy.cilium.io/proxy-visibility annotations in Cilium = v1.13 or io.cilium.proxy-visibility annotations in Cilium...

3.5CVSS3.5AI score0.00448EPSS
Exploits1References2
OSV
OSV
added 2024/07/01 11:10 a.m.12 views

BIT-CILIUM-PROXY-2024-28249

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6AI score0.00271EPSS
Exploits0References4
OSV
OSV
added 2024/06/04 9:44 a.m.12 views

BIT-HUBBLE-2023-41332

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In Cilium clusters where Cilium's Layer 7 proxy has been disabled, creating workloads with policy.cilium.io/proxy-visibility annotations in Cilium = v1.13 or io.cilium.proxy-visibility annotations in Cilium...

3.5CVSS3.5AI score0.00448EPSS
Exploits1References2
OSV
OSV
added 2024/06/04 9:42 a.m.9 views

BIT-HUBBLE-2024-28250

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's...

6.1CVSS6AI score0.00172EPSS
Exploits0References4
OSV
OSV
added 2024/05/24 7:22 p.m.18 views

BIT-HUBBLE-RELAY-2023-41332 Denial of service via Kubernetes annotations in specific Cilium configurations

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In Cilium clusters where Cilium's Layer 7 proxy has been disabled, creating workloads with policy.cilium.io/proxy-visibility annotations in Cilium = v1.13 or io.cilium.proxy-visibility annotations in Cilium...

3.5CVSS3.5AI score0.00448EPSS
Exploits1References3
OSV
OSV
added 2024/05/24 7:20 p.m.11 views

BIT-HUBBLE-RELAY-2024-28249

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6AI score0.00271EPSS
Exploits0References4
OSV
OSV
added 2024/05/15 12:6 p.m.59 views

BIT-CILIUM-2023-41332 Denial of service via Kubernetes annotations in specific Cilium configurations

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In Cilium clusters where Cilium's Layer 7 proxy has been disabled, creating workloads with policy.cilium.io/proxy-visibility annotations in Cilium = v1.13 or io.cilium.proxy-visibility annotations in Cilium...

3.5CVSS3.5AI score0.00448EPSS
Exploits1References3
OSV
OSV
added 2024/05/15 12:6 p.m.28 views

BIT-CILIUM-OPERATOR-2023-41332 Denial of service via Kubernetes annotations in specific Cilium configurations

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In Cilium clusters where Cilium's Layer 7 proxy has been disabled, creating workloads with policy.cilium.io/proxy-visibility annotations in Cilium = v1.13 or io.cilium.proxy-visibility annotations in Cilium...

3.5CVSS3.5AI score0.00448EPSS
Exploits1References3
OSV
OSV
added 2024/05/15 12:5 p.m.27 views

BIT-CILIUM-OPERATOR-2024-28249

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6AI score0.00271EPSS
Exploits0References4
OSV
OSV
added 2024/05/15 12:5 p.m.40 views

BIT-CILIUM-2024-28250

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's...

6.1CVSS6AI score0.00172EPSS
Exploits0References4
OSV
OSV
added 2024/03/22 6:39 p.m.14 views

GO-2024-2656 Unencrypted traffic between nodes with IPsec in github.com/cilium/cilium

In Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, traffic that should be IPsec-encrypted between a node's Envoy proxy and pods on other nodes is sent unencrypted, and traffic that should be IPsec-encrypted between a node's DNS proxy and pods on other nodes is sent...

6.1CVSS6AI score0.00271EPSS
Exploits0References1
OSV
OSV
added 2024/03/22 6:38 p.m.30 views

GO-2024-2657 Unencrypted traffic between nodes with WireGuard in github.com/cilium/cilium

In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies: traffic that should be WireGuard-encrypted is sent unencrypted between a node's Envoy proxy and pods on other nodes, and traffic that should be WireGuard-encrypted is sent unencrypted between a node's DNS proxy and...

6.1CVSS6AI score0.00172EPSS
Exploits0References1
Veracode
Veracode
added 2024/03/22 9:1 a.m.17 views

Missing Encryption Of Sensitive Data

Cilium is vulnerable to Missing Encryption Of Sensitive Data. The vulnerability is due to WireGuard eligible traffic sent between a node's Envoy/DNS proxy and pods on other nodes being sent unencrypted when traffic matches Layer 7 policies. This issue can expose sensitive data as it travels betwe...

6.1CVSS6.6AI score0.00172EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2024/03/18 10:15 p.m.28 views

CVE-2024-28249

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6.1AI score0.00271EPSS
Exploits0References4
NVD
NVD
added 2024/03/18 10:15 p.m.35 views

CVE-2024-28250

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligible traffic that is sent between a node's...

6.1CVSS6.1AI score0.00172EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/03/18 9:36 p.m.33 views

CVE-2024-28249 Cilium has possible unencrypted traffic between nodes when using IPsec and L7 policies

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6.3AI score0.00271EPSS
Exploits0References4
OSV
OSV
added 2024/03/18 9:36 p.m.9 views

CVE-2024-28249 Cilium has possible unencrypted traffic between nodes when using IPsec and L7 policies

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6AI score0.00271EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/03/18 9:36 p.m.8 views

CVE-2024-28249 Cilium has possible unencrypted traffic between nodes when using IPsec and L7 policies

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sen...

6.1CVSS6.7AI score0.00271EPSS
Exploits0References4
Rows per page
Query Builder