{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T23:43:55.965","vulnerabilities":[{"cve":{"id":"CVE-2024-28248","sourceIdentifier":"security-advisories@github.com","published":"2024-03-18T22:15:08.220","lastModified":"2025-01-09T16:40:56.910","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being incorrectly and intermittently forwarded when it should be dropped. This issue has been patched in Cilium 1.15.2, 1.14.8, and 1.13.13. There are no known workarounds for this issue."},{"lang":"es","value":"Cilium es una solución de redes, observabilidad y seguridad con un plano de datos basado en eBPF. A partir de la versión 1.13.9 y antes de las versiones 1.13.13, 1.14.8 y 1.15.2, las políticas HTTP de Cilium no se aplican de manera consistente a todo el tráfico en el alcance de las políticas, lo que lleva a que el tráfico HTTP se reenvíe de manera incorrecta e intermitente cuando debería dejarse caer. Este problema se solucionó en Cilium 1.15.2, 1.14.8 y 1.13.13. No se conocen workarounds para este problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.7}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-693"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*","versionStartIncluding":"1.13.9","versionEndExcluding":"1.13.13","matchCriteriaId":"85626379-99C9-4C7D-BB9A-544D1A8D04DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*","versionStartIncluding":"1.14.0","versionEndExcluding":"1.14.8","matchCriteriaId":"50C01BB2-3804-450F-846D-DE7A23112DF6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*","versionStartIncluding":"1.15.0","versionEndExcluding":"1.15.2","matchCriteriaId":"9938037D-85A4-4964-B593-33015AEFC8DB"}]}]}],"references":[{"url":"https://docs.cilium.io/en/stable/security/policy/language/#http","source":"security-advisories@github.com","tags":["Product"]},{"url":"https://github.com/cilium/cilium/releases/tag/v1.13.13","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/cilium/cilium/releases/tag/v1.14.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/cilium/cilium/releases/tag/v1.15.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://docs.cilium.io/en/stable/security/policy/language/#http","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/cilium/cilium/releases/tag/v1.13.13","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]},{"url":"https://github.com/cilium/cilium/releases/tag/v1.14.8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]},{"url":"https://github.com/cilium/cilium/releases/tag/v1.15.2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]},{"url":"https://github.com/cilium/cilium/security/advisories/GHSA-68mj-9pjq-mc85","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}