modules:
- module: github.com/cilium/cilium
versions:
- introduced: TODO (earliest fixed "1.15.3", vuln range ">= 1.15.0, <= 1.15.2")
packages:
- package: github.com/cilium/cilium
- module: github.com/cilium/cilium
versions:
- introduced: TODO (earliest fixed "1.14.9", vuln range ">= 1.14.0, <= 1.14.7")
packages:
- package: github.com/cilium/cilium
- module: github.com/cilium/cilium
versions:
- introduced: TODO (earliest fixed "1.13.14", vuln range ">= 1.4.0, <= 1.13.13")
packages:
- package: github.com/cilium/cilium
summary: Cilium has insecure IPsec transport encryption
cves:
- CVE-2024-28860
ghsas:
- GHSA-pwqm-x5x6-5586
references:
- advisory: https://github.com/cilium/cilium/security/advisories/GHSA-pwqm-x5x6-5586
- web: https://nvd.nist.gov/vuln/detail/CVE-2024-28860
- fix: https://github.com/cilium/cilium/commit/311fbce5280491cddceab178d83b06fa23688c72
- fix: https://github.com/cilium/cilium/commit/a1742b478306fa256cd27df1039dfae0537b4149
- fix: https://github.com/cilium/cilium/commit/a652c123331852cca90c74202f993d4170fd37fa
- web: https://docs.cilium.io/en/stable/security/network/encryption-ipsec
- advisory: https://github.com/advisories/GHSA-pwqm-x5x6-5586
In GitHub Security Advisory GHSA-pwqm-x5x6-5586, there is a vulnerability in the following Go packages or modules:
Cross references:
See doc/triage.md for instructions on how to triage this report.