x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-52529

Advisory CVE-2024-52529 references a vulnerability in the following Go modules:

Module
github.com/cilium/cilium

Description: Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For users with the following configuration: 1. An allow policy that selects a Layer 3 destination and a port range AND 2. A Layer 7 allow policy that selects a specific port within the first policy's range the Layer 7 enforcement would not occur for the traffic selected by the Layer 7 policy. This issue only affects users who use Cilium's port range functionality, which was introduced in Cilium v1.16. This issue is patched in PR #35150. This issue affects Cilium v1.16 between v1.16.0 and v1.16.3 inclus...

References:

Cross references:

github.com/cilium/cilium appears in 25 other report(s):
- data/excluded/GO-2022-0530.yaml (https://github.com/golang/vulndb/issues/530) NOT_GO_CODE
- data/excluded/GO-2023-1642.yaml (https://github.com/golang/vulndb/issues/1642) NOT_GO_CODE
- data/reports/GO-2022-0393.yaml (https://github.com/golang/vulndb/issues/393)
- data/reports/GO-2022-0457.yaml (https://github.com/golang/vulndb/issues/457)
- data/reports/GO-2022-0458.yaml (https://github.com/golang/vulndb/issues/458)
- data/reports/GO-2022-0959.yaml (https://github.com/golang/vulndb/issues/959)
- data/reports/GO-2023-1643.yaml (https://github.com/golang/vulndb/issues/1643)
- data/reports/GO-2023-1644.yaml (https://github.com/golang/vulndb/issues/1644)
- data/reports/GO-2023-1730.yaml (https://github.com/golang/vulndb/issues/1730)
- data/reports/GO-2023-1785.yaml (https://github.com/golang/vulndb/issues/1785)
- data/reports/GO-2023-1862.yaml (https://github.com/golang/vulndb/issues/1862)
- data/reports/GO-2023-2078.yaml (https://github.com/golang/vulndb/issues/2078)
- data/reports/GO-2023-2079.yaml (https://github.com/golang/vulndb/issues/2079)
- data/reports/GO-2023-2080.yaml (https://github.com/golang/vulndb/issues/2080)
- data/reports/GO-2024-2568.yaml (https://github.com/golang/vulndb/issues/2568)
- data/reports/GO-2024-2569.yaml (https://github.com/golang/vulndb/issues/2569)
- data/reports/GO-2024-2653.yaml (https://github.com/golang/vulndb/issues/2653)
- data/reports/GO-2024-2656.yaml (https://github.com/golang/vulndb/issues/2656)
- data/reports/GO-2024-2657.yaml (https://github.com/golang/vulndb/issues/2657)
- data/reports/GO-2024-2666.yaml (https://github.com/golang/vulndb/issues/2666)
- data/reports/GO-2024-2922.yaml (https://github.com/golang/vulndb/issues/2922)
- data/reports/GO-2024-3071.yaml (https://github.com/golang/vulndb/issues/3071)
- data/reports/GO-2024-3072.yaml (https://github.com/golang/vulndb/issues/3072)
- data/reports/GO-2024-3074.yaml (https://github.com/golang/vulndb/issues/3074)
- data/reports/GO-2024-3208.yaml (https://github.com/golang/vulndb/issues/3208)

See doc/quickstart.md for instructions on how to triage this report.

id: GO-ID-PENDING
modules:
    - module: github.com/cilium/cilium
      vulnerable_at: 1.16.4
summary: CVE-2024-52529 in github.com/cilium/cilium
cves:
    - CVE-2024-52529
references:
    - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-52529
    - fix: https://github.com/cilium/cilium/pull/35150
    - web: https://github.com/cilium/cilium/security/advisories/GHSA-xg58-75qf-9r67
source:
    id: CVE-2024-52529
    created: 2024-11-25T20:01:20.791406445Z
review_status: UNREVIEWED

golang / vulndb

x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-52529 #3290