Package details: pkg:alpm/archlinux/istio@1.9.2-1
purl pkg:alpm/archlinux/istio@1.9.2-1
Next non-vulnerable version 1.10.0-1
Latest non-vulnerable version 1.11.1-1
Risk 4.5
Vulnerabilities affecting this package (6)
Vulnerability Summary Fixed by
VCID-dp7a-3quf-aaac
Aliases:
CVE-2021-28683
An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable NULL pointer dereference and crash in TLS when an unknown TLS alert code is received.
1.10.0-1
Affected by 0 other vulnerabilities.
VCID-fhr4-2cw2-aaaj
Aliases:
CVE-2021-31921
Istio before 1.8.6 and 1.9.x before 1.9.5 contains a remotely exploitable vulnerability where an external client can access unexpected services in the cluster, bypassing authorization checks, when a gateway is configured with AUTO_PASSTHROUGH routing configuration.
1.10.0-1
Affected by 0 other vulnerabilities.
VCID-n735-w925-aaaf
Aliases:
CVE-2021-31920
GHSA-6q5m-22mq-q2xv
Istio before 1.8.6 and 1.9.x before 1.9.5 has a remotely exploitable vulnerability where an HTTP request path with multiple slashes or escaped slash characters (%2F or %5C) could potentially bypass an Istio authorization policy when path based authorization rules are used.
1.10.0-1
Affected by 0 other vulnerabilities.
VCID-pbmp-naqq-aaam
Aliases:
CVE-2021-29258
An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion.
1.10.0-1
Affected by 0 other vulnerabilities.
VCID-qyex-hm2q-aaaa
Aliases:
CVE-2021-28682
An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable integer overflow in which a very large grpc-timeout value leads to unexpected timeout calculations.
1.10.0-1
Affected by 0 other vulnerabilities.
VCID-u5y5-tcfd-aaan
Aliases:
CVE-2021-29492
Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences `%2F` and `%5C` in HTTP URL paths in versions 1.18.2 and before. A remote attacker may craft a path with escaped slashes, e.g. `/something%2F..%2Fadmin`, to bypass access control, e.g. a block on `/admin`. A backend server could then decode slash sequences and normalize path and provide an attacker access beyond the scope provided for by the access control policy.

### Impact
Escalation of Privileges when using RBAC or JWT filters with enforcement based on URL path. Users with back end servers that interpret `%2F` and `/` and `%5C` and `\` interchangeably are impacted.

### Attack Vector
URL paths containing escaped slash characters delivered by untrusted client.

Patches in versions 1.18.3, 1.17.3, 1.16.4, 1.15.5 contain new path normalization option to decode escaped slash characters. As a workaround, if back end servers treat `%2F` and `/` and `%5C` and `\` interchangeably and a URL path based access control is configured, one may reconfigure the back end server to not treat `%2F` and `/` and `%5C` and `\` interchangeably.
1.10.0-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:44:07.121259+00:00 | Arch Linux Importer | Affected by | VCID-qyex-hm2q-aaaa | https://security.archlinux.org/AVG-1947 | 36.0.0 |
| 2025-03-28T07:44:07.093312+00:00 | Arch Linux Importer | Affected by | VCID-dp7a-3quf-aaac | https://security.archlinux.org/AVG-1947 | 36.0.0 |
| 2025-03-28T07:44:07.063963+00:00 | Arch Linux Importer | Affected by | VCID-pbmp-naqq-aaam | https://security.archlinux.org/AVG-1947 | 36.0.0 |
| 2025-03-28T07:44:07.036609+00:00 | Arch Linux Importer | Affected by | VCID-u5y5-tcfd-aaan | https://security.archlinux.org/AVG-1947 | 36.0.0 |
| 2025-03-28T07:44:07.005371+00:00 | Arch Linux Importer | Affected by | VCID-n735-w925-aaaf | https://security.archlinux.org/AVG-1947 | 36.0.0 |
| 2025-03-28T07:44:06.986581+00:00 | Arch Linux Importer | Affected by | VCID-fhr4-2cw2-aaaj | https://security.archlinux.org/AVG-1947 | 36.0.0 |
| 2024-09-18T01:59:14.644757+00:00 | Arch Linux Importer | Affected by | VCID-qyex-hm2q-aaaa | https://security.archlinux.org/AVG-1947 | 34.0.1 |
| 2024-09-18T01:59:14.623617+00:00 | Arch Linux Importer | Affected by | VCID-dp7a-3quf-aaac | https://security.archlinux.org/AVG-1947 | 34.0.1 |
| 2024-09-18T01:59:14.597578+00:00 | Arch Linux Importer | Affected by | VCID-pbmp-naqq-aaam | https://security.archlinux.org/AVG-1947 | 34.0.1 |
| 2024-09-18T01:59:14.571041+00:00 | Arch Linux Importer | Affected by | VCID-u5y5-tcfd-aaan | https://security.archlinux.org/AVG-1947 | 34.0.1 |
| 2024-09-18T01:59:14.544391+00:00 | Arch Linux Importer | Affected by | VCID-n735-w925-aaaf | https://security.archlinux.org/AVG-1947 | 34.0.1 |
| 2024-09-18T01:59:14.519190+00:00 | Arch Linux Importer | Affected by | VCID-fhr4-2cw2-aaaj | https://security.archlinux.org/AVG-1947 | 34.0.1 |
| 2024-01-03T22:25:32.284788+00:00 | Arch Linux Importer | Affected by | VCID-qyex-hm2q-aaaa | https://security.archlinux.org/AVG-1947 | 34.0.0rc1 |
| 2024-01-03T22:25:32.261288+00:00 | Arch Linux Importer | Affected by | VCID-dp7a-3quf-aaac | https://security.archlinux.org/AVG-1947 | 34.0.0rc1 |
| 2024-01-03T22:25:32.237430+00:00 | Arch Linux Importer | Affected by | VCID-pbmp-naqq-aaam | https://security.archlinux.org/AVG-1947 | 34.0.0rc1 |
| 2024-01-03T22:25:32.215887+00:00 | Arch Linux Importer | Affected by | VCID-u5y5-tcfd-aaan | https://security.archlinux.org/AVG-1947 | 34.0.0rc1 |
| 2024-01-03T22:25:32.191852+00:00 | Arch Linux Importer | Affected by | VCID-n735-w925-aaaf | https://security.archlinux.org/AVG-1947 | 34.0.0rc1 |
| 2024-01-03T22:25:32.168149+00:00 | Arch Linux Importer | Affected by | VCID-fhr4-2cw2-aaaj | https://security.archlinux.org/AVG-1947 | 34.0.0rc1 |