Lucene search

Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-7790C0C7705A350B13486BBE0C8AE1C5

HistoryAug 13, 2019 - 12:00 a.m.

Incorrect Regular Expression

2019-08-1300:00:00

https://gitlab.com/gitlab-org/security-products/gemnasium-db

gitlab.com

0.002 Low

EPSS

Percentile

65.1%

JSON

Istio mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API.

CPENameOperatorVersion
go/istio.io/istioltv1.1.13
go/istio.io/istiogev1.2.0
go/istio.io/istioltv1.2.4

Name	Operator	Version
go/istio.io/istio	lt	v1.1.13
go/istio.io/istio	ge	v1.2.0
go/istio.io/istio	lt	v1.2.4

References

discuss.istio.io/t/upcoming-security-updates-in-istio-1-2-4-and-1-1-13/3383

gcc.gnu.org/bugzilla/show_bug.cgi?id=86164

github.com/envoyproxy/envoy/issues/7728

istio.io/blog/2019/istio-security-003-004/

nvd.nist.gov/vuln/detail/CVE-2019-14993

0.002 Low

EPSS

Percentile

65.1%

JSON

Related for GITLAB-7790C0C7705A350B13486BBE0C8AE1C5