apk package
chainguard/hubble-ui-backend
pkg:apk/chainguard/hubble-ui-backend
Vulnerabilities (64)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-39347 | — | < 0 | 0 | Sep 26, 2023 | Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-pr | ||
| CVE-2023-34242 | — | < 0.12.0-r0 | 0.12.0-r0 | Jun 15, 2023 | Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in which a ReferenceGrant is created could result in Cilium unintentionally gaining v | ||
| CVE-2023-30851 | — | < 0.12.0-r0 | 0.12.0-r0 | May 25, 2023 | Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple `toEndpoints` AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wi | ||
| CVE-2023-29002 | — | < 0.12.0-r0 | 0.12.0-r0 | Apr 18, 2023 | Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the `cilium-secrets` namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker wi |
- CVE-2023-39347Sep 26, 2023affected < 0fixed 0
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-pr
- CVE-2023-34242Jun 15, 2023affected < 0.12.0-r0fixed 0.12.0-r0
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in which a ReferenceGrant is created could result in Cilium unintentionally gaining v
- CVE-2023-30851May 25, 2023affected < 0.12.0-r0fixed 0.12.0-r0
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple `toEndpoints` AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wi
- CVE-2023-29002Apr 18, 2023affected < 0.12.0-r0fixed 0.12.0-r0
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the `cilium-secrets` namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker wi
Page 4 of 4