Istio prior to 1.1.13 and 1.2.x prior to 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
istio istio |