Affected by GO-2024-2653
and 13 other vulnerabilities
GO-2024-2653: HTTP policy bypass in github.com/cilium/cilium
GO-2024-2656: Unencrypted traffic between nodes with IPsec in github.com/cilium/cilium
GO-2024-2657: Unencrypted traffic between nodes with WireGuard in github.com/cilium/cilium
GO-2024-2666: Insecure IPsec transparent encryption in github.com/cilium/cilium
GO-2024-2922: Cilium leaks sensitive information in cilium-bugtool in github.com/cilium/cilium
GO-2024-3071: Gateway API route matching order contradicts specification in github.com/cilium/cilium
GO-2024-3072: Policy bypass for Host Firewall policy due to race condition in Cilium agent in github.com/cilium/cilium
GO-2024-3074: Cilium leaks information via incorrect ReferenceGrant update logic in Gateway API in github.com/cilium/cilium
GO-2024-3208: Cilium's CIDR deny policies may not take effect when a more narrow CIDR allow is present in github.com/cilium/cilium
GO-2025-3415: DoS in Cilium agent DNS proxy from crafted DNS responses in github.com/cilium/cilium
GO-2025-3416: Cilium has an information leakage via insecure default Hubble UI CORS header in github.com/cilium/cilium
GO-2025-3560: Cilium East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers in github.com/cilium/cilium
GO-2025-3635: In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters in github.com/cilium/cilium
GO-2025-4167: Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic in Ciliumgithub.com/cilium/cilium
const (
// CiliumAgentName is the name of cilium-agent (daemon) process name. CiliumAgentName = "cilium-agent"
// CiliumOperatortName is the name of cilium-operator process name. CiliumOperatortName = "cilium-operator"
// CiliumDaemonTestName is the name of test binary for daemon package. CiliumDaemonTestName = "cmd.test"
)
Affected by 
Documentation
¶
Source Files