Vulnerabilidades em istio
13 resultadosCVE-2022-23635HIGHUnauthenticated control plane denial of service attack in IstioEPSS 1.6%CVE-2022-24726HIGHUnauthenticated control plane denial of service attack in IstioEPSS 1.5%CVE-2021-39155HIGHAuthorization Policy Bypass Due to Case Insensitive Host ComparisonEPSS 1.2%CVE-2021-39156HIGHFragments in Path May Lead to Authorization Policy BypassEPSS 1.1%CVE-2022-21679MEDIUMAuthorization Policy bypass in IstioEPSS 1.1%CVE-2022-39278HIGHIstio vulnerable to denial of service attack due to Golang Regex LibraryEPSS 1.1%CVE-2022-31045HIGHIll-formed headers may lead to unexpected behavior in IstioEPSS 1.0%CVE-2022-21701MEDIUMPrivileged Escalation in IstioEPSS 0.8%CVE-2022-39388HIGHIstio may allow identity impersonation if user has localhost accessEPSS 0.5%CVE-2026-41413MEDIUMIstio Vulnerable to SSRF via RequestAuthentication jwksUriEPSS 0.3%CVE-2026-31837HIGHIstio JWKS resolver to prevent private key material from being exposed when JWKS fetch fails.EPSS 0.3%CVE-2026-31838MEDIUMIstio HTTP debug endpoints on port 15014 to enforce namespace-based authorization, preventing cross-namespace proxy data access.EPSS 0.2%CVE-2026-39350MEDIUMIstio AuthorizationPolicy Incorrect Regex Matching of Dots in serviceAccounts Fields Allows Policy BypassEPSS 0.2%