VDB
BIT-cilium-operator-2025-64715
BIT-cilium-operator-2025-64715
PUBLISHED
CVSS 5.5 MEDIUM
Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | cilium-operator | 0, 1.17.0, 1.18.0 |
Exploit Intelligence
- seen_cves.json (github-poc)
Timeline
- Dec 2, 2025 CVE Published
- Dec 15, 2025 CVE Updated
References
- https://github.com/cilium/cilium/commit/a385856b59c8289cc7273fa3a3062bbf0ef96c97 url
- https://github.com/cilium/cilium/releases/tag/v1.16.17 url
- https://github.com/cilium/cilium/releases/tag/v1.17.10 url
- https://github.com/cilium/cilium/releases/tag/v1.18.4 url
- https://github.com/cilium/cilium/security/advisories/GHSA-38pp-6gcp-rqvm url
- https://nvd.nist.gov/vuln/detail/CVE-2025-64715 url