4 matches found
CVE-2026-53935 CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation
Cilium is a networking, observability, and security solution. Prior to 1.17.16, from 1.18.2 to 1.18.9, and from 1.19.0 to 1.19.3, users with the ability to create CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs via addressMatcher, enabling hijacking traffic to Services in any namespa...
CVE-2026-53935
Summary: CVE-2026-53935 affects Cilium versions prior to 1.17.16, 1.18.2–1.18.9, and 1.19.0–1.19.3. An attacker who can create a CiliumLocalRedirectPolicy may specify arbitrary ClusterIPs via addressMatcher, enabling cross-namespace traffic hijacking to Services and bypassing serviceMatcher names...
GO-2026-5914 CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation in github.com/cilium/cilium
CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation in github.com/cilium/cilium...
CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation
Impact Users with the ability to create CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs via addressMatcher, which enables hijacking traffic to Services in any namespace, bypassing the namespace-scoping guarantees enforced by serviceMatcher. In addition, deleting such a policy can...