| CVE-2021-39156 | AVG-2321 | High | Yes | Access restriction bypass | Istio before version 1.11.1 contains a remotely exploitable vulnerability where an HTTP request with #fragment in the path may bypass Istio's URI path based... |
| CVE-2021-39155 | AVG-2321 | High | Yes | Access restriction bypass | A security issue has been found in Istio before version 1.11.1. According to RFC 4343, Istio authorization policy should compare the hostname in the HTTP... |
| CVE-2021-34824 | AVG-2113 | Critical | Yes | Information disclosure | Istio before version 1.10.2 contains a remotely exploitable vulnerability where credentials specified in the Gateway and DestinationRule credentialName... |
| CVE-2021-32781 | AVG-2321 | High | Yes | Arbitrary code execution | Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability that affects Envoy’s decompressor, json-transcoder or grpc-web... |
| CVE-2021-32780 | AVG-2321 | High | Yes | Denial of service | Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability where an untrusted upstream service could cause Envoy to... |
| CVE-2021-32778 | AVG-2321 | High | Yes | Denial of service | Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability where an Envoy client opening and then resetting a large number... |
| CVE-2021-32777 | AVG-2321 | High | Yes | Insufficient validation | Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability that an HTTP request with multiple value headers could do an... |
| CVE-2021-31921 | AVG-1947 | Critical | Yes | Authentication bypass | Istio before version 1.9.5 contains a remotely exploitable vulnerability where an external client can access unexpected services in the cluster, bypassing... |
| CVE-2021-31920 | AVG-1947 | High | Yes | Authentication bypass | Istio before version 1.9.5 contains a remotely exploitable vulnerability where an HTTP request path with multiple slashes or escaped slash characters (%2F... |
| CVE-2021-29492 | AVG-1947 | High | Yes | Authentication bypass | Envoy before version 1.18.3, and subsequently Istio before version 1.9.5, contains a remotely exploitable authorization bypass vulnerability. An attacker... |
| CVE-2021-29258 | AVG-1947 | High | Yes | Denial of service | Envoy before version 1.18.0, and subsequently Istio before version 1.9.3, contains a remotely exploitable vulnerability where an HTTP2 request with an empty... |
| CVE-2021-28683 | AVG-1947 | High | Yes | Denial of service | Envoy before version 1.18.0, and subsequently Istio before version 1.9.3, contains a remotely exploitable NULL pointer dereference and crash in TLS when an... |
| CVE-2021-28682 | AVG-1947 | High | Yes | Arbitrary code execution | Envoy before version 1.18.0, and subsequently Istio before version 1.9.3, contains a remotely exploitable integer overflow in which a very large... |