Cilium Security Vulnerabilities and Issues — Cilium CVE List

Lucene search

CiliumCilium

3 matches found

CVE•added 2023/03/17 8:15 p.m.•175 views

CVE-2023-27593

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, an attacker with access to a Cilium agent pod can write to /opt/cni/bin due to a hostPath mount of that directory in the agent pod. By replacing the CNI binary w...

5.5CVSS4.9AI score0.00012EPSS

CVE•added 2023/03/17 8:15 p.m.•174 views

CVE-2023-27594

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which C...

7.3CVSS5.5AI score0.00041EPSS

CVE•added 2023/03/17 10:15 p.m.•47 views

CVE-2023-27595

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In version 1.13.0, when Cilium is started, there is a short period when Cilium eBPF programs are not attached to the host. During this period, the host does not implement any of Cilium's featureset. This can ...

9.8CVSS7.7AI score0.00041EPSS