Affected by GO-2024-2653
and 10 other vulnerabilities
GO-2024-2653: HTTP policy bypass in github.com/cilium/cilium
GO-2024-2656: Unencrypted traffic between nodes with IPsec in github.com/cilium/cilium
GO-2024-2666: Insecure IPsec transparent encryption in github.com/cilium/cilium
GO-2024-2922: Cilium leaks sensitive information in cilium-bugtool in github.com/cilium/cilium
GO-2024-3072: Policy bypass for Host Firewall policy due to race condition in Cilium agent in github.com/cilium/cilium
GO-2025-3635: In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters in github.com/cilium/cilium
GO-2025-4167: Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic in Ciliumgithub.com/cilium/cilium
GO-2026-4856: Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node traffic in github.com/cilium/cilium
GO-2026-5400: Cillium exposes sensitive information included in the cilium-bugtool debug archive in github.com/cilium/cilium
GO-2026-5905: Cilium vulnerable to sensitive information disclosure and cluster disruption via local Envoy admin socket access in github.com/cilium/cilium
GO-2026-5914: CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation in github.com/cilium/cilium
type Resolver[T any] interface {
// Resolve a promise. Unblocks all Await()s. Future calls of Await()// return the resolved value immediately.//// Only the first call to resolve (or reject) has an effect and// further calls are ignored.
Resolve(T)
// Reject a promise with an error. Reject(error)
}
Resolver can resolve or reject a promise.
These methods are separate from 'Promise' to make it clear where the promise is resolved
from.