Vulnerability Database
Blog
FAQ
Docs
GO-2023-1785
See a problem?
Source
https://pkg.go.dev/vuln/GO-2023-1785
Import Source
https://vuln.go.dev/ID/GO-2023-1785.json
JSON Data
https://api.osv.dev/v1/vulns/GO-2023-1785
Aliases
BIT-cilium-2023-30851
BIT-cilium-operator-2023-30851
BIT-cilium-proxy-2023-30851
BIT-hubble-2023-30851
BIT-hubble-relay-2023-30851
BIT-hubble-ui-2023-30851
BIT-hubble-ui-backend-2023-30851
CVE-2023-30851
GHSA-2h44-x2wx-49f4
Published
2024-08-20T20:31:32Z
Modified
2024-08-20T20:58:42.419899Z
Summary
Potential HTTP policy bypass when using header rules in Cilium in github.com/cilium/cilium
Details
Potential HTTP policy bypass when using header rules in Cilium in github.com/cilium/cilium
References
https://github.com/cilium/cilium/security/advisories/GHSA-2h44-x2wx-49f4
https://nvd.nist.gov/vuln/detail/CVE-2023-30851
https://github.com/cilium/cilium/releases/tag/v1.11.16
https://github.com/cilium/cilium/releases/tag/v1.12.9
https://github.com/cilium/cilium/releases/tag/v1.13.2
Affected packages
Go
/
github.com/cilium/cilium
Package
Name
github.com/cilium/cilium
View open source insights on deps.dev
Purl
pkg:golang/github.com/cilium/cilium
Affected ranges
Type
SEMVER
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.11.16
Introduced
1.12.0
Fixed
1.12.9
Introduced
1.13.0
Fixed
1.13.2
GO-2023-1785 - OSV