EUVD-2022-26891

Malicious code in bioql PyPI...

Authorization

Istio is an open platform to connect, manage, and secure microservices. In Istio 1.12.0 and 1.12.1 The authorization policy with hosts and notHosts might be accidentally bypassed for ALLOW action or rejected unexpectedly for DENY action during the upgrade from 1.11 to 1.12.0/1.12.1. Istio 1.12...

CVE-2022-21679

Istio 1.12.0/1.12.1 contains a bug in the authorization policy that uses the new Envoy API with the 1.11 data plane. This causes hosts and notHosts in authorization policies to be matched regardless of header values when mixing 1.12 control plane with 1.11 data plane, potentially bypassing ALLOW ...

Wallarm Launches Support of Envoy Proxy/ Envoy API Protection

Wallarm can protect North-South API in the applications that use Envoy as an alternative Ingress controller at the front end of a Kubernetes cluster. Wallarm can also protect edge traffic and also East-West Envoy API for Service-Mesh and Istio. The post Wallarm Launches Support of Envoy Proxy/...

Envoy: Abuse of API can Lead to DoS

Issue Description The researcher identified that it is possible to abuse the manual creation of employees via the api, meaning that a malicious attacker can create a trial account and use this to mass spam users' with emails, the screenshot below shows the mass amount of emails that can be sent i...