Skip to content

x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-v6q2-4qr3-5cw6 #2657

Description

@GoVulnBot

In GitHub Security Advisory GHSA-v6q2-4qr3-5cw6, there is a vulnerability in the following Go packages or modules:

Unit Fixed Vulnerable Ranges
github.com/cilium/cilium 1.15.2 >= 1.15.0, < 1.15.2

Cross references:

See doc/triage.md for instructions on how to triage this report.

modules:
    - module: github.com/cilium/cilium
      versions:
        - introduced: 1.15.0
          fixed: 1.15.2
      vulnerable_at: 1.15.1
      packages:
        - package: github.com/cilium/cilium
    - module: github.com/cilium/cilium
      versions:
        - introduced: 1.14.0
          fixed: 1.14.8
      vulnerable_at: 1.14.7
      packages:
        - package: github.com/cilium/cilium
summary: Unencrypted traffic between nodes when using WireGuard and L7 policies
cves:
    - CVE-2024-28250
ghsas:
    - GHSA-v6q2-4qr3-5cw6
references:
    - advisory: https://github.com/cilium/cilium/security/advisories/GHSA-v6q2-4qr3-5cw6
    - advisory: https://github.com/advisories/GHSA-v6q2-4qr3-5cw6

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions