Описание
Istio before 1.2.2 mishandles certain access tokens, leading to "Epoch 0 terminated with an error" in Envoy. This is related to a jwt_authenticator.cc segmentation fault.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Release NotesVendor Advisory
- Third Party Advisory
- Third Party Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.2 (исключая)
cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00652
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-476
Связанные уязвимости
github
больше 3 лет назад
Istio before 1.2.2 mishandles certain access tokens, leading to "Epoch 0 terminated with an error" in Envoy. This is related to a jwt_authenticator.cc segmentation fault.
EPSS
Процентиль: 70%
0.00652
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-476