Search for packages
| purl | pkg:golang/istio.io/istio@1.3.5 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-qzf4-cp5y-aaaq
Aliases: CVE-2019-18802 |
CVE-2019-18802 envoy: malformed request header may cause bypass of route matchers resulting in escalation of privileges or information disclosure | There are no reported fixed by versions. |
|
VCID-w3w7-upq4-aaam
Aliases: CVE-2019-18801 |
CVE-2019-18801 envoy: an untrusted remote client may send HTTP/2 requests that write to the heap outside of the request buffers when the upstream is HTTP/1 | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-10-15T18:29:57.441140+00:00 | GithubOSV Importer | Fixing | VCID-zwcz-r1fe-aaak | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-vc7h-cmp3-4hw5/GHSA-vc7h-cmp3-4hw5.json | 34.0.2 |
| 2024-09-18T09:10:13.189441+00:00 | GithubOSV Importer | Fixing | VCID-zwcz-r1fe-aaak | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-vc7h-cmp3-4hw5/GHSA-vc7h-cmp3-4hw5.json | 34.0.1 |
| 2024-04-23T23:05:56.937523+00:00 | GithubOSV Importer | Fixing | VCID-zwcz-r1fe-aaak | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-vc7h-cmp3-4hw5/GHSA-vc7h-cmp3-4hw5.json | 34.0.0rc4 |