2 matches found
EUVD-2021-1611
Malware in sbrugna...
istio/istio: HTTP request can bypass authorization mechanisms due to case insensitive host comparison
An authorization bypass vulnerability was found in istio/istio. The case insensitive host comparison incorrectly works when evaluating rules specified with host or notHost. This flaw allows an attacker to bypass an Istio authorization policy that uses hosts in the rules, potentially gaining acces...