https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 06 May 2026 03:26:02 +0000 https://vulnerability.circl.lu/sighting/27782631-458d-4326-85b2-8d42cb65f1fc/export {"uuid": "27782631-458d-4326-85b2-8d42cb65f1fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47825", "type": "seen", "source": "https://t.me/cvedetector/8545", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47825 - Cilium Network Policy Denial of Service Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47825 \nPublished : Oct. 21, 2024, 7:15 p.m. | 34\u00a0minutes ago \nDescription : Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than `/32` may be ignored if there is a policy rule referencing a more narrow prefix (`CIDRSet` or `toFQDN`) and this narrower policy rule specifies either `enableDefaultDeny: false` or `- toEntities: all`. Note that a rule specifying `toEntities: world` or `toEntities: 0.0.0.0/0` is insufficient, it must be to entity `all`.This issue has been patched in Cilium v1.14.16 and v1.15.10. As this issue only affects policies using `enableDefaultDeny: false` or that set `toEntities` to `all`, some workarounds are available. For users with policies using `enableDefaultDeny: false`, remove this configuration option and explicitly define any allow rules required. For users with egress policies that explicitly specify `toEntities: all`, use `toEntities: world`. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T21:52:52.000000Z"} {"uuid": "27782631-458d-4326-85b2-8d42cb65f1fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47825", "type": "seen", "source": "https://t.me/cvedetector/8545", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47825 - Cilium Network Policy Denial of Service Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47825 \nPublished : Oct. 21, 2024, 7:15 p.m. | 34\u00a0minutes ago \nDescription : Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than `/32` may be ignored if there is a policy rule referencing a more narrow prefix (`CIDRSet` or `toFQDN`) and this narrower policy rule specifies either `enableDefaultDeny: false` or `- toEntities: all`. Note that a rule specifying `toEntities: world` or `toEntities: 0.0.0.0/0` is insufficient, it must be to entity `all`.This issue has been patched in Cilium v1.14.16 and v1.15.10. As this issue only affects policies using `enableDefaultDeny: false` or that set `toEntities` to `all`, some workarounds are available. For users with policies using `enableDefaultDeny: false`, remove this configuration option and explicitly define any allow rules required. For users with egress policies that explicitly specify `toEntities: all`, use `toEntities: world`. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T21:52:52.000000Z"} https://vulnerability.circl.lu/sighting/27782631-458d-4326-85b2-8d42cb65f1fc/export Mon, 21 Oct 2024 21:52:52 +0000