Affected by GO-2024-3290
and 6 other vulnerabilities
GO-2024-3290: Cilium's Layer 7 policy enforcement may not occur in policies with wildcarded port ranges in github.com/cilium/cilium
GO-2025-3415: DoS in Cilium agent DNS proxy from crafted DNS responses in github.com/cilium/cilium
GO-2025-3416: Cilium has an information leakage via insecure default Hubble UI CORS header in github.com/cilium/cilium
GO-2025-3560: Cilium East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers in github.com/cilium/cilium
GO-2025-3561: Cilium node based network policies may incorrectly allow workload traffic in github.com/cilium/cilium
GO-2025-3635: In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters in github.com/cilium/cilium
GO-2025-4167: Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic in Ciliumgithub.com/cilium/cilium
CheckStructAlignments checks whether size and offsets match of the given
C and Go structs which are listed in the given toCheck map (C type name =>
Go type).
C struct layout is extracted from the given ELF object file's BTF info.
To find a matching C struct field, a Go field has to be tagged with
`align:"field_name_in_c_struct". In the case of unnamed union field, such
union fields can be referred with special tags - `align:"$union0"`,
`align:"$union1"`, etc.
Affected by 
Documentation
¶
Source Files