CVSS3
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: NONE
Availability Impact: NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
AI Score
Confidence: High
github.com/cilium/cilium is vulnerable to a security bypass. The vulnerability is caused by an incorrect implementation of match precedence in Gateway API HTTPRoutes and GRPCRoutes, where request headers are matched before request methods. An attacker can exploit this incorrect matching order to potentially cause unexpected behavior or security issues.
github.com/advisories/GHSA-qcm3-7879-xcww
github.com/cilium/cilium/commit/a3510fe4a92305822aa1a5e08cb6d6c873c8699a
github.com/cilium/cilium/commit/d88772b9c29e370becbc4547cada6711d51edcde
github.com/cilium/cilium/commit/fe42273566a943a0f3174c87b23a195c856b51d6
github.com/cilium/cilium/pull/34109
github.com/cilium/cilium/security/advisories/GHSA-qcm3-7879-xcww