24 matches found
EUVD-2024-2923
Malicious code in bioql PyPI...
EUVD-2024-0762
Malicious code in bioql PyPI...
EUVD-2023-1449
Malicious code in bioql PyPI...
EUVD-2024-2669
Malicious code in bioql PyPI...
EUVD-2024-0842
Malicious code in bioql PyPI...
EUVD-2024-3391
Malicious code in bioql PyPI...
CVE-2025-23028
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. A denial of service vulnerability affects versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4. In a Kubernetes cluster where Cilium is configured to proxy DNS traffic, an...
CVE-2024-42487
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In the 1.15 branch prior to 1.15.8 and the 1.16 branch prior to 1.16.1, Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular,...
BIT-HUBBLE-RELAY-2025-30162 East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services and use LB-IPAM or BGP for LB Service implementation and use network policies to block egress traffic from workloads in a namespace to...
BIT-CILIUM-2025-30162 East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services and use LB-IPAM or BGP for LB Service implementation and use network policies to block egress traffic from workloads in a namespace to...
CVE-2024-28860
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key...
BIT-CILIUM-2024-52529 Layer 7 policy enforcement may not occur in policies with wildcarded port ranges in Cilium
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For users with the following configuration: 1. An allow policy that selects a Layer 3 destination and a port range AND 2. A Layer 7 allow policy that selects a specific port within the first policy's range...
CVE-2024-42487 Cilium's Gateway API route matching order contradicts specification
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In the 1.15 branch prior to 1.15.8 and the 1.16 branch prior to 1.16.1, Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular,...
BIT-HUBBLE-UI-BACKEND-2024-28860
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to chosen plaintext, key...
CVE-2024-28860
CVE-2024-28860 affects Cilium’s IPsec transparent encryption. The issue arises from an ESP sequence number collision when multiple nodes share a key, enabling a MITM attacker to perform chosen-plaintext, key-recovery, and replay attacks that can undermine confidentiality and integrity. Fixed in C...
CVE-2024-25630 Cilium has unencrypted ingress/health traffic when using Wireguard transparent encryption
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who are using CRDs to store Cilium state the default configuration and Wireguard transparent encryption, traffic to/from the Ingress and health endpoints is not encrypted. This issue affect...
CVE-2023-27594
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which...
CVE-2023-27593 cilium-agent container can access the host via `hostPath` mount
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod can write to /opt/cni/bin due to a hostPath mount of that directory in the agent pod. By replacing the CNI binary...
Command Execution Vulnerability in DeepSync IPSec VPNs
DeepTrust IPSec VPN provides an all-in-one networking solution for small and medium-sized branches. A command execution vulnerability exists in the DeepSync IPSec VPN, which can be exploited by an attacker to gain control of the server...
CVE-2018-0434
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected...