Количество 9
Количество 9
CVE-2023-27488
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, escalation of privileges is possible when `failure_mode_allow: true` is configured for `ext_authz` filter. For affected components that are used for logging and/or visibility, requests may not be logged by the receiving service. When Envoy was configured to use ext_authz, ext_proc, tap, ratelimit filters, and grpc access log service and an http header with non-UTF-8 data was received, Envoy would generate an invalid protobuf message and send it to the configured service. The receiving service would typically generate an error when decoding the protobuf message. For ext_authz that was configured with ``failure_mode_allow: true``, the request would have been allowed in this case. For the other services, this could have resulted in other unforeseen errors such as a lack of visibility into requests. As of versions 1.26.0, 1.25.3, 1.24.4, 1...
CVE-2023-27488
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, escalation of privileges is possible when `failure_mode_allow: true` is configured for `ext_authz` filter. For affected components that are used for logging and/or visibility, requests may not be logged by the receiving service. When Envoy was configured to use ext_authz, ext_proc, tap, ratelimit filters, and grpc access log service and an http header with non-UTF-8 data was received, Envoy would generate an invalid protobuf message and send it to the configured service. The receiving service would typically generate an error when decoding the protobuf message. For ext_authz that was configured with ``failure_mode_allow: true``, the request would have been allowed in this case. For the other services, this could have resulted in other unforeseen errors such as a lack of visibility into requests. As of versions 1.26.0, 1.25.3, 1.24.4, 1.
CVE-2023-27488
Envoy is an open source edge and service proxy designed for cloud-nati ...
ELSA-2023-23649
ELSA-2023-23649: olcne security update (IMPORTANT)
ELSA-2023-23648
ELSA-2023-23648: olcne security update (IMPORTANT)
ELSA-2023-12357
ELSA-2023-12357: istio security update (IMPORTANT)
ELSA-2023-12356
ELSA-2023-12356: istio security update (IMPORTANT)
ELSA-2023-12355
ELSA-2023-12355: istio security update (IMPORTANT)
ELSA-2023-12354
ELSA-2023-12354: istio security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-27488 Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, escalation of privileges is possible when `failure_mode_allow: true` is configured for `ext_authz` filter. For affected components that are used for logging and/or visibility, requests may not be logged by the receiving service. When Envoy was configured to use ext_authz, ext_proc, tap, ratelimit filters, and grpc access log service and an http header with non-UTF-8 data was received, Envoy would generate an invalid protobuf message and send it to the configured service. The receiving service would typically generate an error when decoding the protobuf message. For ext_authz that was configured with ``failure_mode_allow: true``, the request would have been allowed in this case. For the other services, this could have resulted in other unforeseen errors such as a lack of visibility into requests. As of versions 1.26.0, 1.25.3, 1.24.4, 1... | CVSS3: 8.6 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-27488 Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, escalation of privileges is possible when `failure_mode_allow: true` is configured for `ext_authz` filter. For affected components that are used for logging and/or visibility, requests may not be logged by the receiving service. When Envoy was configured to use ext_authz, ext_proc, tap, ratelimit filters, and grpc access log service and an http header with non-UTF-8 data was received, Envoy would generate an invalid protobuf message and send it to the configured service. The receiving service would typically generate an error when decoding the protobuf message. For ext_authz that was configured with ``failure_mode_allow: true``, the request would have been allowed in this case. For the other services, this could have resulted in other unforeseen errors such as a lack of visibility into requests. As of versions 1.26.0, 1.25.3, 1.24.4, 1. | CVSS3: 5.4 | 0% Низкий | больше 2 лет назад |
| CVE-2023-27488 Envoy is an open source edge and service proxy designed for cloud-nati ... | CVSS3: 5.4 | 0% Низкий | больше 2 лет назад |
| ELSA-2023-23649 ELSA-2023-23649: olcne security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2023-23648 ELSA-2023-23648: olcne security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2023-12357 ELSA-2023-12357: istio security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2023-12356 ELSA-2023-12356: istio security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2023-12355 ELSA-2023-12355: istio security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2023-12354 ELSA-2023-12354: istio security update (IMPORTANT) | больше 2 лет назад |
Уязвимостей на страницу