CVSS: 3.1EPSS: 0%CPEs: 2EXPL: 1CVE-2020-11767
https://notcve.org/view.php?id=CVE-2020-11767
Istio through 1.5.1 and Envoy through 1.14.1 have a data-leak issue. If there is a TCP connection (negotiated with SNI over HTTPS) to *.example.com, a request for a domain concurrently configured explicitly (e.g., abc.example.com) is sent to the server(s) listening behind *.example.com. The outcome should instead be 421 Misdirected Request. Imagine a shared caching forward proxy re-using an HTTP/2 connection for a large subnet with many users. If a victim is interacting with abc.example.com, and a server (for abc.example.com) recycles the TCP connection to the forward proxy, the victim's browser may suddenly start sending sensitive data to a *.example.com server. • https://bugs.chromium.org/p/chromium/issues/detail?id=954160#c5 https://github.com/envoyproxy/envoy/issues/6767 https://github.com/istio/istio/issues/13589 https://github.com/istio/istio/issues/9429 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2019-14993
https://notcve.org/view.php?id=CVE-2019-14993
Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API. Istio antes de 1.1.13 y 1.2.x antes de 1.2.4 maneja mal las expresiones regulares para URI largos, lo que lleva a una denegación de servicio durante el uso de la API JWT, VirtualService, HTTPAPISpecBinding o QuotaSpecBinding. • https://discuss.istio.io/t/upcoming-security-updates-in-istio-1-2-4-and-1-1-13/3383 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86164 https://github.com/envoyproxy/envoy/issues/7728 https://istio.io/blog/2019/istio-security-003-004 • CWE-185: Incorrect Regular Expression •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12995
https://notcve.org/view.php?id=CVE-2019-12995
Istio before 1.2.2 mishandles certain access tokens, leading to "Epoch 0 terminated with an error" in Envoy. This is related to a jwt_authenticator.cc segmentation fault. stio anterior a versión 1.2.2, maneja inapropiadamente ciertos tokens de acceso, lo que conlleva a que "Epoch 0 terminated with an error" en Envoy. Esto está relacionado con un fallo de segmentación en el archivo jwt_authenticator.cc. • https://github.com/istio/istio.io/pull/4555 https://github.com/istio/istio/issues/15084 https://istio.io/about/notes • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-12243
https://notcve.org/view.php?id=CVE-2019-12243
Istio 1.1.x through 1.1.6 has Incorrect Access Control. Istio desde la versión 1.1.x hasta la versión 1.1.6 presenta un control de acceso incorrecto. • https://istio.io/about/notes https://istio.io/blog/2019/cve-2019-12243 •