2 matches found
istio/istio: HTTP request can bypass authorization mechanisms due to case insensitive host comparison
An authorization bypass vulnerability was found in istio/istio. The case-insensitive host comparison works incorrectly when evaluating rules specified with host or notHost. This flaw allows an attacker to bypass an Istio authorization policy that uses hosts in the rules, potentially gaining acces...
detect-character-encoding security vulnerability
detect-character-encoding is an open source C++ plugin. A security vulnerability exists in detect-character-encoding, which stems from an authorization bypass vulnerability found in istio/istio. Case-insensitive host comparisons were incorrect when computing rules specified with host or notHost...