GHSA-2h44-x2wx-49f4, CVE-2023-30851
go/github.com/cilium/cilium
Potential HTTP policy bypass when using header rules in Cilium
This issue only impacts users who:
toEndpoints
ANDIn such cases, a wildcard rule will be appended to the set of HTTP rules, which could cause bypass of HTTP policies.
All versions before 1.11.16, all versions starting from 1.12.0 before 1.12.9, all versions starting from 1.13.0 before 1.13.2
Upgrade to versions 1.11.16, 1.12.9, 1.13.2 or above.
2023-05-23
source |