VDB
CVE-2025-64715
CVE-2025-64715
PUBLISHED
CVSS 5.5 MEDIUM
Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic
EPSS 0.01% · 0.6th percentile
Risk Scores
CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.01%
0.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | cilium-operator | 1.17.0, 0, 1.18.0 |
| Bitnami | cilium | 1.18.0, 0, 1.17.0 |
| cilium | cilium | |
| Bitnami | cilium-operator | 1.18.0, 0, 1.17.0 |
| Bitnami | hubble-relay | 1.17.0, 0, 1.17.0 |
| Bitnami | cilium | 1.17.0, 0, 1.17.0 |
Timeline
- Jan 21, 1970 Security Advisory
- Nov 27, 2025 CVE Published
- Nov 29, 2025 EPSS Score
- Nov 29, 2025 Coalition ESS Score
- Dec 2, 2025 Coalition ESS Score
- Dec 4, 2025 EPSS Score
- Dec 4, 2025 Coalition ESS Score
- Dec 6, 2025 Coalition ESS Score
- Dec 8, 2025 EPSS Score
- Dec 13, 2025 EPSS Score
- Dec 17, 2025 EPSS Score
- Dec 22, 2025 EPSS Score
References
- https://github.com/cilium/cilium/commit/a385856b59c8289cc7273fa3a3062bbf0ef96c97 url
- https://github.com/cilium/cilium/releases/tag/v1.16.17 url
- https://github.com/cilium/cilium/releases/tag/v1.17.10 url
- https://github.com/cilium/cilium/releases/tag/v1.18.4 url
- https://github.com/cilium/cilium/security/advisories/GHSA-38pp-6gcp-rqvm url
- https://nvd.nist.gov/vuln/detail/CVE-2025-64715 url