CVE-2024-25631

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-25631

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-25631.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-25631

Aliases

Related

Published

2024-02-20T18:15:53Z

Modified

2024-10-12T11:20:33.502424Z

Summary

[none]

Details

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who have enabled an external kvstore and Wireguard transparent encryption, traffic between pods in the affected cluster is not encrypted. This issue affects Cilium v1.14 before v1.14.7 and has been patched in Cilium v1.14.7. There is no workaround to this issue.

References

Affected packages

Git / github.com/cilium/cilium

Affected ranges

Type: GIT
Repo: https://github.com/cilium/cilium
Events: Introduced

b5013e1562dbfe442dd2011a5af46de9095315ff

Fixed

91b461c78160ff5c96cad23a85e4287093753c22

Affected versions

1.*

1.14.0

1.14.1

1.14.2

1.14.3

1.14.4

1.14.5

1.14.6

v1.*

v1.14.0

v1.14.1

v1.14.2

v1.14.3

v1.14.4

v1.14.5

v1.14.6