Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Istio Subscribe
Total 23 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-18817 1 Istio 1 Istio 2019-11-14 5.0 MEDIUM 7.5 HIGH
Istio 1.3.x before 1.3.5 allows Denial of Service because continue_on_listener_filters_timeout is set to True, a related issue to CVE-2019-18836.
CVE-2019-18836 2 Envoyproxy, Istio 2 Envoy, Istio 2019-11-12 5.0 MEDIUM 7.5 HIGH
Envoy 1.12.0 allows a remote denial of service because of resource loops, as demonstrated by a single idle TCP connection being able to keep a worker thread in an infinite busy loop when continue_on_listener_filters_timeout is used."
CVE-2019-14993 1 Istio 1 Istio 2019-08-16 5.0 MEDIUM 7.5 HIGH
Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API.