x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2025-30163 #3561

GoVulnBot · 2025-03-24T20:01:21Z

Advisory CVE-2025-30163 references a vulnerability in the following Go modules:

Module
github.com/cilium/cilium

Description:
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Node based network policies (fromNodes and toNodes) will incorrectly permit traffic to/from non-node endpoints that share the labels specified in fromNodes and toNodes sections of network policies. Node based network policy is disabled by default in Cilium. This issue affects: Cilium v1.16 between v1.16.0 and v1.16.7 inclusive and v1.17 between v1.17.0 and v1.17.1 inclusive. This issue is fixed in Cilium v1.16.8 and v1.17.2. Users can work around this issue by ensuring that the labels used in `fr...

References:

Cross references:

github.com/cilium/cilium appears in 28 other report(s):
- data/excluded/GO-2022-0530.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-wc5v-r48v-g4vh #530) NOT_GO_CODE
- data/excluded/GO-2023-1642.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-4hc4-pgfx-3mrx #1642) NOT_GO_CODE
- data/reports/GO-2022-0393.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-c66w-hq56-4q97 #393)
- data/reports/GO-2022-0457.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2022-29178 #457)
- data/reports/GO-2022-0458.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2022-29179 #458)
- data/reports/GO-2022-0959.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-pfhr-pccp-hwmh #959)
- data/reports/GO-2023-1643.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-8fg8-jh2h-f2hc #1643)
- data/reports/GO-2023-1644.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-r5x6-w42p-jhpp #1644)
- data/reports/GO-2023-1730.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2023-29002 #1730)
- data/reports/GO-2023-1785.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-2h44-x2wx-49f4 #1785)
- data/reports/GO-2023-1862.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2023-34242 #1862)
- data/reports/GO-2023-2078.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-gj2r-phwg-6rww #2078)
- data/reports/GO-2023-2079.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-24m5-r6hv-ccgp #2079)
- data/reports/GO-2023-2080.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-4xp2-w642-7mcx #2080)
- data/reports/GO-2024-2568.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-25630 #2568)
- data/reports/GO-2024-2569.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-25631 #2569)
- data/reports/GO-2024-2653.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-68mj-9pjq-mc85 #2653)
- data/reports/GO-2024-2656.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-j89h-qrvr-xc36 #2656)
- data/reports/GO-2024-2657.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-v6q2-4qr3-5cw6 #2657)
- data/reports/GO-2024-2666.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-pwqm-x5x6-5586 #2666)
- data/reports/GO-2024-2922.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-37307 #2922)
- data/reports/GO-2024-3071.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-42487 #3071)
- data/reports/GO-2024-3072.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-42488 #3072)
- data/reports/GO-2024-3074.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-42486 #3074)
- data/reports/GO-2024-3208.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-3wwx-63fv-pfq6 #3208)
- data/reports/GO-2024-3290.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2024-52529 #3290)
- data/reports/GO-2025-3415.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-9m5p-c77c-f9j7 #3415)
- data/reports/GO-2025-3416.yaml (x/vulndb: potential Go vuln in github.com/cilium/cilium: GHSA-h78m-j95m-5356 #3416)

See doc/quickstart.md for instructions on how to triage this report.

id: GO-ID-PENDING
modules:
    - module: github.com/cilium/cilium
      vulnerable_at: 1.17.2
summary: CVE-2025-30163 in github.com/cilium/cilium
cves:
    - CVE-2025-30163
references:
    - advisory: https://nvd.nist.gov/vuln/detail/CVE-2025-30163
    - fix: https://github.com/cilium/cilium/pull/36657
    - web: https://docs.cilium.io/en/stable/security/policy/language/#node-based
    - web: https://github.com/cilium/cilium/security/advisories/GHSA-c6pf-2v8j-96mc
source:
    id: CVE-2025-30163
    created: 2025-03-24T20:01:21.249826664Z
review_status: UNREVIEWED

The text was updated successfully, but these errors were encountered:

gopherbot · 2025-03-25T16:28:57Z

Change https://go.dev/cl/660559 mentions this issue: data/reports: add 28 reports

GoVulnBot added cve-year-2025 NeedsTriage labels Mar 24, 2025

thatnealpatel added triaged and removed NeedsTriage labels Mar 25, 2025

gopherbot closed this as completed in d05c8fe Mar 25, 2025

GoVulnBot mentioned this issue Apr 21, 2025

x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2025-32793 #3635

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2025-30163 #3561

x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2025-30163 #3561

GoVulnBot commented Mar 24, 2025

gopherbot commented Mar 25, 2025

x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2025-30163 #3561

x/vulndb: potential Go vuln in github.com/cilium/cilium: CVE-2025-30163 #3561

Comments

GoVulnBot commented Mar 24, 2025

gopherbot commented Mar 25, 2025