Vulnerability Database

309,587

Total vulnerabilities in the database

CVE-2024-25630

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who are using CRDs to store Cilium state (the default configuration) and Wireguard transparent encryption, traffic to/from the Ingress and health endpoints is not encrypted. This issue affects Cilium v1.14 before v1.14.7 and has been patched in Cilium v1.14.7. There is no workaround to this issue.

Published: Feb 20, 2024
Updated: Nov 16, 2025
CVE: CVE-2024-25630
GHSA: GHSA-7496-fgv9-xw82
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.1
AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

CWEs:

OWASP TOP 10:

A3 - Sensitive Data Exposure

Affected Software
References

Software	From	Fixed in
github.com/cilium/cilium	1.14.0	1.14.7
cilium / cilium	1.14.0	1.14.7

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo