{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T16:33:54.395","vulnerabilities":[{"cve":{"id":"CVE-2026-25804","sourceIdentifier":"security-advisories@github.com","published":"2026-02-06T23:15:55.123","lastModified":"2026-02-28T00:30:06.540","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to versions 2.3.2 and 2.4.3, Antrea's network policy priority assignment system has a uint16 arithmetic overflow bug that causes incorrect OpenFlow priority calculations when handling a large numbers of policies with various priority values. This results in potentially incorrect traffic enforcement. This issue has been patched in versions 2.4.3."},{"lang":"es","value":"Antrea es una solución de red de Kubernetes diseñada para ser nativa de Kubernetes. Antes de las versiones 2.3.2 y 2.4.3, el sistema de asignación de prioridad de políticas de red de Antrea tiene un error de desbordamiento aritmético uint16 que causa cálculos incorrectos de prioridad de OpenFlow al manejar un gran número de políticas con varios valores de prioridad. Esto resulta en una aplicación de tráfico potencialmente incorrecta. Este problema ha sido parcheado en la versión 2.4.3."}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:antrea:*:*:*:*:*:kubernetes:*:*","versionEndExcluding":"2.3.2","matchCriteriaId":"395EA656-873E-492A-88A3-D6813376D968"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:antrea:*:*:*:*:*:kubernetes:*:*","versionStartIncluding":"2.4.0","versionEndExcluding":"2.4.3","matchCriteriaId":"7DB4CD72-9C1A-47E2-BB11-16F803BAE15A"}]}]}],"references":[{"url":"https://github.com/antrea-io/antrea/commit/86c4b6010f3be536866f339b632621c23d7186fa","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/antrea-io/antrea/pull/7496","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/antrea-io/antrea/security/advisories/GHSA-86x4-wp9f-wrr9","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}}]}