CVSS3
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
AI Score
Confidence: Low
github.com/cilium/cilium is vulnerable to Sensitive Information Exposure. The vulnerability is caused by ReferenceGrant changes not being propagated in Cilium's GatewayAPI controller. As a result, Gateway resources may be able to access secrets for longer than intended, and Routes may be able to forward traffic to backends in other namespaces for longer than intended.
github.com/advisories/GHSA-vwf8-q6fw-4wcm
github.com/cilium/cilium/commit/414a96b53d51ef6e6645c44426e26bc8e7c7c059
github.com/cilium/cilium/commit/92c110e58a7be6586819dd51fb0f6ee1ec4be8f8
github.com/cilium/cilium/commit/ed3dfa0aab8b80f7e841a6d49d2a990ac2dca053
github.com/cilium/cilium/pull/34032
github.com/cilium/cilium/security/advisories/GHSA-vwf8-q6fw-4wcm