Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-29685

Malware in sbrugna...

7.4CVSS7.5AI score0.01065EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 5:13 p.m.8 views

CVE-2020-8843

An issue was discovered in Istio 1.3 through 1.3.6. Under certain circumstances, it is possible to bypass a specifically configured Mixer policy. Istio-proxy accepts the x-istio-attributes header at ingress that can be used to affect policy decisions when Mixer policy selectively applies to a...

7.4CVSS6.8AI score0.01065EPSS
Exploits0References1
Veracode
Veracode
added 2020/02/17 2:36 a.m.19 views

Authorization Bypass

github.com/istio/api is vulnerable to authorization bypass. The vulnerability exists as Istio improperly handles forwarded attributes, allowing it to accept x-istio-attributes header during ingress. When used with the Mixer Policy enabled, it can result in different policy decisions...

7.4CVSS2.6AI score0.01065EPSS
Exploits0References7Affected Software1
CNVD
CNVD
added 2020/02/17 12:0 a.m.3 views

Unspecified Vulnerability in Istio

Istio is a set of open platforms for connecting, managing and securing microservices. A security vulnerability exists in Istio versions 1.3 through 1.3.6. An attacker can exploit the vulnerability by encoding the source.uid in the x-istio-attributes header to bypass the configured Mixer policy...

7.4CVSS6.8AI score0.01065EPSS
Exploits0References1
OSV
OSV
added 2020/02/14 7:15 p.m.12 views

CVE-2020-8843

An issue was discovered in Istio 1.3 through 1.3.6. Under certain circumstances, it is possible to bypass a specifically configured Mixer policy. Istio-proxy accepts the x-istio-attributes header at ingress that can be used to affect policy decisions when Mixer policy selectively applies to a...

7.4CVSS6.7AI score
Exploits0References3
Prion
Prion
added 2020/02/14 7:15 p.m.14 views

Design/Logic Flaw

An issue was discovered in Istio 1.3 through 1.3.6. Under certain circumstances, it is possible to bypass a specifically configured Mixer policy. Istio-proxy accepts the x-istio-attributes header at ingress that can be used to affect policy decisions when Mixer policy selectively applies to a...

5.8CVSS7.3AI score0.01065EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/02/14 6:45 p.m.21 views

CVE-2020-8843

An issue was discovered in Istio 1.3 through 1.3.6. Under certain circumstances, it is possible to bypass a specifically configured Mixer policy. Istio-proxy accepts the x-istio-attributes header at ingress that can be used to affect policy decisions when Mixer policy selectively applies to a...

7.4AI score0.01065EPSS
Exploits0References3
CVE
CVE
added 2020/02/14 6:45 p.m.117 views

CVE-2020-8843

CVE-2020-8843 affects Istio 1.3–1.3.6. The issue lets an attacker bypass a configured Mixer policy by abusing the x-istio-attributes header at ingress; exploitation requires encoding a source.uid in the header, which influences policy decisions when Mixer policy applies to ingress source. The vul...

7.4CVSS7.3AI score0.01065EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder