DirectorySecurity Advisories
Sign In
Security Advisories

CGA-3r3p-jvc9-3xj8

Published

Last updated

https://images.chainguard.dev/security/CGA-3r3p-jvc9-3xj8
Package

istio-pilot-agent-1.22

Latest Update
Not affected
Aliases
  • CVE-2019-14993
  • GHSA-qcvw-82hh-gq38

Severity

7.5

High

CVSS V3

Summary

Istio ReDoS Vulnerability

Description

Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images