Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HIstio
APPIstio< 1.1.131.2.0 – 1.2.4 (bez)
Related vulnerabilities
Istio before 1.8.6 and 1.9.x before 1.9.5 contains a remotely exploitable vulnerability where an external clie...
Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a...
Istio is an open platform to connect, manage, and secure microservices. In versions on the 1.15.x branch prior...
Istio is an open platform-independent service mesh that provides traffic management, policy enforcement, and t...
Istio is an open platform to connect, manage, and secure microservices. In affected versions ill-formed header...