Browse all 34 CVE security advisories affecting cilium. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Cilium is an open-source networking, observability, and security platform primarily designed for Kubernetes environments, leveraging eBPF technology to provide high-performance packet processing. Its architecture enables deep visibility into network traffic and enforces security policies at the kernel level, offering a robust alternative to traditional iptables-based solutions. Historically, the project has faced numerous security challenges, with thirty-three Common Vulnerabilities and Exposures (CVEs) recorded to date. These incidents predominantly involve remote code execution and privilege escalation flaws, often stemming from improper input validation or memory safety issues within the eBPF bytecode verification logic. While major public breaches remain rare, the high volume of disclosed vulnerabilities highlights the complexity of maintaining secure eBPF implementations. Users must prioritize regular patching and strict configuration management to mitigate risks associated with these historically common vulnerability classes, ensuring the integrity of containerized workloads.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-27594 | Cilium vulnerable to potential network policy bypass when routing IPv6 traffic — ciliumCWE-285 | 4.2 | Medium | 2023-03-17 |
| CVE-2023-27593 | cilium-agent container can access the host via `hostPath` mount — ciliumCWE-276 | 4.4 | Medium | 2023-03-17 |
| CVE-2022-29179 | Improper Privilege Management in Cilium — ciliumCWE-269 | 7.5 | High | 2022-05-20 |
| CVE-2022-29178 | Incorrect Default Permissions in Cilium — ciliumCWE-276 | 8.8 | High | 2022-05-20 |
This page lists every published CVE security advisory associated with cilium. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.