| CVE-2021-39156 |
high |
— |
8.0 |
|
|
|
5y ago |
Istio Fragments in Path May Lead to Authorization Policy Bypass |
| CVE-2021-39155 |
high |
— |
8.0 |
|
|
|
5y ago |
Authorization Policy Bypass Due to Case Insensitive Host Comparison |
| CVE-2026-41413 |
high |
7.7 |
7.7 |
|
|
|
23d ago |
Istio: SSRF via RequestAuthentication jwksUri |
| CVE-2026-39350 |
unknown |
— |
— |
|
|
|
1mo ago |
Istio: AuthorizationPolicy serviceAccounts regex injection via unescaped dots |
| CVE-2022-31045 |
unknown |
— |
— |
|
|
|
4y ago |
Ill-formed headers may lead to unexpected behavior in Istio |
| CVE-2019-18817 |
unknown |
— |
— |
|
|
|
4y ago |
Istio vulnerable to denial of service |
| CVE-2019-14993 |
unknown |
— |
— |
|
|
|
4y ago |
Istio ReDoS Vulnerability |
| CVE-2022-23635 |
unknown |
— |
— |
|
|
|
4y ago |
Unauthenticated control plane denial of service attack in Istio |
| CVE-2020-16844 |
unknown |
— |
— |
|
|
|
4y ago |
Authorization bypass in Istio |
| CVE-2019-12243 |
unknown |
— |
— |
|
|
|
4y ago |
Istio may not check inbound TCP connections against istio-policy |