Known Vulnerabilities for products from Istio
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Istio".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-39350 json | Not Provided | 2026-04-15 | 2026-04-16 | |
| CVE-2026-31838 json | Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability ... | Not Provided | 2026-03-10 | 2026-04-07 |
| CVE-2023-44487 json | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many stre... | 7.5 - HIGH | 2023-10-10 | 2024-02-02 |
| CVE-2022-39388 json | Istio is an open platform to connect, manage, and secure microservices. In versions on the 1.15.x branch prior to 1.15.3, a u... | 3.5 - LOW | 2022-11-10 | 2022-11-15 |
| CVE-2022-39278 json | Istio is an open platform-independent service mesh that provides traffic management, policy enforcement, and telemetry collec... | 7.5 - HIGH | 2022-10-13 | 2022-10-19 |
| CVE-2022-31045 json | Istio is an open platform to connect, manage, and secure microservices. In affected versions ill-formed headers sent to Envoy... | 9.8 - CRITICAL | 2022-06-09 | 2022-06-17 |
| CVE-2022-24726 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-03-10 | 2022-03-18 |
| CVE-2022-23635 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-02-22 | 2023-07-13 |
| CVE-2022-21701 json | Istio is an open platform to connect, manage, and secure microservices. In versions 1.12.0 and 1.12.1 Istio is vulnerable to ... | 8.8 - HIGH | 2022-01-19 | 2022-01-27 |
| CVE-2022-21679 json | Istio is an open platform to connect, manage, and secure microservices. In Istio 1.12.0 and 1.12.1 The authorization policy w... | 9.8 - CRITICAL | 2022-01-19 | 2022-01-27 |
| CVE-2021-39156 json | Istio is an open source platform for providing a uniform way to integrate microservices, manage traffic flow across microserv... | 7.5 - HIGH | 2021-08-24 | 2023-11-07 |
| CVE-2021-39155 json | Istio is an open source platform for providing a uniform way to integrate microservices, manage traffic flow across microserv... | 7.5 - HIGH | 2021-08-24 | 2021-08-31 |
| CVE-2021-34824 json | Istio (1.8.x, 1.9.0-1.9.5 and 1.10.0-1.10.1) contains a remotely exploitable vulnerability where credentials specified in the... | 8.8 - HIGH | 2021-06-29 | 2022-07-12 |
| CVE-2021-31921 json | Istio before 1.8.6 and 1.9.x before 1.9.5 contains a remotely exploitable vulnerability where an external client can access u... | 9.8 - CRITICAL | 2021-06-02 | 2022-05-01 |
| CVE-2021-31920 json | Istio before 1.8.6 and 1.9.x before 1.9.5 has a remotely exploitable vulnerability where an HTTP request path with multiple s... | 6.5 - MEDIUM | 2021-05-27 | 2022-07-12 |
| CVE-2020-16844 json | In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7, when users specify an AuthorizationPolicy resource with DENY actio... | 6.8 - MEDIUM | 2020-10-01 | 2020-10-15 |
| CVE-2020-11767 json | Istio through 1.5.1 and Envoy through 1.14.1 have a data-leak issue. If there is a TCP connection (negotiated with SNI over H... | 3.1 - LOW | 2020-04-15 | 2021-07-21 |
| CVE-2020-10739 json | Istio 1.4.x before 1.4.9 and Istio 1.5.x before 1.5.4 contain the following vulnerability when telemetry v2 is enabled: by se... | 7.5 - HIGH | 2020-06-02 | 2023-11-07 |
| CVE-2020-8843 json | An issue was discovered in Istio 1.3 through 1.3.6. Under certain circumstances, it is possible to bypass a specifically conf... | 7.4 - HIGH | 2020-02-14 | 2020-02-19 |
| CVE-2020-8595 json | Istio versions 1.2.10 (End of Life) and prior, 1.3 through 1.3.7, and 1.4 through 1.4.3 allows authentication bypass. The Aut... | 7.3 - HIGH | 2020-02-12 | 2020-02-20 |
Known software with vulnerabilities from Istio
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Istio | Istio | 0.1.0 |