Vulnerability Report: GO-2024-2657

  • CVE-2024-28250, GHSA-v6q2-4qr3-5cw6
  • Affects: github.com/cilium/cilium
  • Published: Mar 22, 2024
  • Modified: Mar 22, 2024

In Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies: traffic that should be WireGuard-encrypted is sent unencrypted between a node's Envoy proxy and pods on other nodes, and traffic that should be WireGuard-encrypted is sent unencrypted between a node's DNS proxy and pods on other nodes.

For detailed information about this vulnerability, visit https://github.com/cilium/cilium/security/advisories/GHSA-v6q2-4qr3-5cw6.

Affected Packages

  • Path
    Versions
    Symbols

Aliases

References

Credits

  • @brb@giorio94, @gandro, @jschwinger233

Feedback

See anything missing or incorrect? Suggest an edit to this report.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.