—
GO-2025-4167
Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic in Ciliumgithub.com/cilium/cilium
Details
Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic in Ciliumgithub.com/cilium/cilium
Are you affected?
Enter the version of the package you're using.
Affected packages
Go / github.com/cilium/cilium
Introduced in:
0 Fixed in: 1.16.17 Fix
go get github.com/cilium/cilium@v1.16.17 References
- https://github.com/cilium/cilium/security/advisories/GHSA-38pp-6gcp-rqvm [ADVISORY]
- https://nvd.nist.gov/vuln/detail/CVE-2025-64715 [ADVISORY]
- https://github.com/cilium/cilium/commit/a385856b59c8289cc7273fa3a3062bbf0ef96c97 [FIX]
- https://github.com/cilium/cilium/releases/tag/v1.16.17 [WEB]
- https://github.com/cilium/cilium/releases/tag/v1.17.10 [WEB]
- https://github.com/cilium/cilium/releases/tag/v1.18.4 [WEB]