Istio 1.15.2

CPE Details

Istio 1.15.2
1.15.2
2022-10-14
13h11 +00:00
2022-10-14
14h59 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:istio:istio:1.15.2:*:*:*:*:*:*:*

Informations

Vendor

istio

Product

istio

Version

1.15.2

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-44487 2023-10-10 00h00 +00:00 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
7.5
Haute
CVE-2022-39388 2022-11-09 23h00 +00:00 Istio is an open platform to connect, manage, and secure microservices. In versions on the 1.15.x branch prior to 1.15.3, a user can impersonate any workload identity within the service mesh if they have localhost access to the Istiod control plane. Version 1.15.3 contains a patch for this issue. There are no known workarounds.
7.6
Haute