VDB
CVE-2024-42486
CVE-2024-42486
PUBLISHED
CVSS 7.199999809265137 HIGH
Cilium vulnerable to information leakage via incorrect ReferenceGrant update logic in Gateway API
EPSS 0.24% · 47.7th percentile
Risk Scores
CVSS v3.1
7.199999809265137
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
EPSS Score
0.24%
47.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cilium | cilium | |
| Bitnami | cilium-operator | 1.15.4 |
| Bitnami | hubble-relay | 1.15.0, 1.15.0, 1.15.0 |
| Bitnami | cilium-operator | 1.15.4, 1.15.4, 1.15.4 |
| Bitnami | cilium | 1.15.0, 1.15.0, 1.15.0 |
| Bitnami | cilium | 1.15.0 |
Timeline
- Jan 20, 1970 Fix PR Merged
- Jan 21, 1970 Security Advisory
- Aug 16, 2024 CVE Published
- Aug 17, 2024 EPSS Score
- Sep 7, 2024 EPSS Score
- Sep 27, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 18, 2024 EPSS Score
- Nov 8, 2024 EPSS Score
- Nov 28, 2024 EPSS Score
- Dec 20, 2024 EPSS Score
- Jan 10, 2025 EPSS Score