
We found results for “”
CVE-2025-32793
Good to know:

Date: April 21, 2025
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0 to 1.16.8, and 1.17.0 to 1.17.2, are vulnerable when using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can leave the source node without encryption due to a race condition in how traffic is processed by Cilium. This issue has been patched in versions 1.15.16, 1.16.9, and 1.17.3. There are no workarounds available for this issue.
Severity Score
Related Resources (6)
Severity Score
Weakness Type (CWE)
Top Fix

Upgrade Version
Upgrade to version github.com/cilium/cilium - v1.15.16;github.com/cilium/cilium - v1.16.9;github.com/cilium/cilium - v1.17.3;https://github.com/cilium/cilium.git - v1.15.16;https://github.com/cilium/cilium.git - v1.16.9;https://github.com/cilium/cilium.git - v1.17.3
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | HIGH |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | CHANGED |
Confidentiality (C): | LOW |
Integrity (I): | NONE |
Availability (A): | NONE |