Security Bulletins

The Security Research team at Tigera is constantly evaluating and analyzing new vulnerabilities to assess their impact on our customers. We want to proactively provide actionable information to help you manage risk and make decisions that are right for your business. Our technical advisories are designed to provide you with all the information that you need regarding new vulnerabilities. This page lists all advisories published by Tigera.

 

| Title | Reference | Date |
| --- | --- | --- |
| Calico Typha hangs during unclean TLS handshake | TTA-2023-001, CVE-2023-41378 | 2023-November-6 |
| Calico Enterprise & Calico OS are vulnerable to pod route hijacking | TTA-2022-001 | 2022-June-1 |
| Calico Enterprise affected by CVE-2021-44228 | TTA-2021-002 | 2021-December-16 |
| Calico Enterprise running Openshift is vulnerable to Privilege Escalation | TTA-2021-001 | 2021-Sep-1 |
| Fixes available for vulnerability in CNI IPv6 route advertisement | TTA-2020-001 | 2020-June-1 |
| CVE-2019-11253 aka Billion Laughs Vulnerability Mitigations | TTA-2019-003 | 2019-Dec-2 |
| Fixes available for vulnerability in VXLAN and IPIP overlay modes | TTA-2019-002 | 2019-July-1 |
| Fixes available for CVE-2019-9946 | TTA-2019-001 | 2019-March-28 |
| Calico CNI Logging can expose Kubernetes service account tokens | TTA-2018-001 | 2018-Nov-13 |