Istio mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding
, or QuotaSpecBinding
API.
CPE | Name | Operator | Version |
---|---|---|---|
go/istio.io/istio | lt | v1.1.13 | |
go/istio.io/istio | ge | v1.2.0 | |
go/istio.io/istio | lt | v1.2.4 |