VDB
GO-2025-4167
GO-2025-4167
PUBLISHED
Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic in Ciliumgithub.com/cilium/cilium
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | cilium/cilium | 0, 1.17.0, 1.18.0 |
Timeline
- Dec 15, 2025 CVE Published
- Feb 4, 2026 CVE Updated
- May 1, 2026 Security Advisory
References
- https://github.com/cilium/cilium/security/advisories/GHSA-38pp-6gcp-rqvm advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-64715 advisory
- https://github.com/cilium/cilium/commit/a385856b59c8289cc7273fa3a3062bbf0ef96c97 patch
- https://github.com/cilium/cilium/releases/tag/v1.16.17 url
- https://github.com/cilium/cilium/releases/tag/v1.17.10 url
- https://github.com/cilium/cilium/releases/tag/v1.18.4 url