github.com/cilium/cilium has incorrect default permissions. A malicious users belonging to the group ID 1000
is able to access the cilium API via the Unix domain socket, allowing an unintended file system access.
github.com/cilium/cilium/commit/1a2c052c24ac2440b145a4dd17ebc697ed1bcd44
github.com/cilium/cilium/commit/2f357e6fd91bd04574d743e718229fb23d93c477
github.com/cilium/cilium/commit/9bc8cf03ed7266a8a50a9403505f5de4ac25cf0d
github.com/cilium/cilium/releases/tag/v1.10.11
github.com/cilium/cilium/releases/tag/v1.11.5
github.com/cilium/cilium/releases/tag/v1.9.16
github.com/cilium/cilium/security/advisories/GHSA-6p8v-8cq8-v2r3