Istio 1.15.2

CPE Details

Istio 1.15.2
1.15.2
2022-10-14
13h11 +00:00
2022-10-14
14h59 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:istio:istio:1.15.2:*:*:*:*:*:*:*

Informations

Vendor

istio

Product

istio

Version

1.15.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-44487 2023-10-10 00h00 +00:00 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
7.5
High
CVE-2022-39388 2022-11-09 23h00 +00:00 Istio is an open platform to connect, manage, and secure microservices. In versions on the 1.15.x branch prior to 1.15.3, a user can impersonate any workload identity within the service mesh if they have localhost access to the Istiod control plane. Version 1.15.3 contains a patch for this issue. There are no known workarounds.
7.6
High