8 matches found
CVE-2026-31838
Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability in Envoy RBAC header matching could allow authorization policy bypass when policies rely on HTTP headers that may contain multiple values. An attacker could craft requests...
CVE-2026-31838 Istio HTTP debug endpoints on port 15014 to enforce namespace-based authorization, preventing cross-namespace proxy data access.
Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability in Envoy RBAC header matching could allow authorization policy bypass when policies rely on HTTP headers that may contain multiple values. An attacker could craft requests...
EUVD-2026-10939
Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability in Envoy RBAC header matching could allow authorization policy bypass when policies rely on HTTP headers that may contain multiple values. An attacker could craft requests...
Istio 安全漏洞
Istio is an open-source platform that connects, manages, and protects microservices. There are security vulnerabilities in versions of Istio prior to 1.29.1, 1.28.5, and 1.27.8. These vulnerabilities stem from defects in the Envoy RBAC header matching mechanism, which may allow authorization...
PT-2026-24489
Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability in Envoy RBAC header matching could allow authorization policy bypass when policies rely on HTTP headers that may contain multiple values. An attacker could craft requests...
Cilium 安全漏洞
Cilium is an open source software from Cilium Open Source. It is used to provide and transparently secure network connectivity and load balancing between application workloads such as application containers or processes. A security vulnerability exists in Cilium versions prior to 1.15.8 and 1.16....
Toxy - Hackable Http Proxy To Simulate Server Failure Scenarios And Network Conditions
Toxy is a fully programmatic and hackable HTTP proxy to simulate server failure scenarios and unexpected network conditions , built for node.js / io.js . It was mainly designed for fuzzing/evil testing purposes, when toxy becomes particularly useful to cover fault tolerance and resiliency...
[ipset_list] ipset set listing wrapper script
Features: Calculate sum of set members and match on that count. List only members of a specified set. Choose a delimiter character for separating members. Show only sets containing a specific glob matching header. Arithmetic comparison on headers with an integer value. Match members using a...