Описание
Istio ReDoS Vulnerability
Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API.
Пакеты
istio.io/istio
< 1.1.13
1.1.13
istio.io/istio
>= 1.2.0, < 1.2.4
1.2.4
Связанные уязвимости
Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API.
Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API.
Уязвимость сетевого программного средства Istio, связанная с недостаточной обработкой регулярных выражений для длинных URI, позволяющая нарушителю вызвать отказ в обслуживании