CVE-2025-32793

Medium CVSS: 4.0

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0 to 1.16.8, and 1.17.0 to 1.17.2, are vulnerable when using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can leave the source node without encryption due to a race condition in how traffic is processed by Cilium. This issue has been patched in versions 1.15.16, 1.16.9, and 1.17.3. There are no workarounds available for this issue.

Vendor

Cilium

Product

Cilium

CWE

CWE-319

Yayın Tarihi

2025-04-21 16:15:54

Güncelleme

2025-09-03 17:16:40

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-319 Cilium MEDIUM Cilium 2025

Referanslar

https://github.com/cilium/cilium/pull/38592 https://github.com/cilium/cilium/security/advisories/GHSA-5vxx-c285-pcq4

Benzer Kayıtlar

Medium

CVE-2026-33726

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.14, 1.…

Medium

CVE-2026-26963

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.…

Medium

CVE-2025-64715

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.16.17, 1.…

Low

CVE-2025-30162

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gate…

Low

CVE-2025-30163

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Node based network policies (…

Medium

CVE-2025-23047

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An insecure default `Access-C…