FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
484d3f5e-653a-11e9-b0e3-1c39475b9f84	Istio -- Security vulnerabilities Istio reports: Two security vulnerabilities have recently been identified in the Envoy proxy. The vulnerabilities are centered on the fact that Envoy did not normalize HTTP URI paths and did not fully validate HTTP/1.1 header values. These vulnerabilities impact Istio features that rely on Envoy to enforce any of authorization, routing, or rate limiting. Discovery 2019-03-29 Entry 2019-04-22 istio < 1.1.2 CVE-2019-9900 CVE-2019-9901 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9900 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9901 https://github.com/envoyproxy/envoy/issues/6434 https://github.com/envoyproxy/envoy/issues/6435

VuXML ID

Description

484d3f5e-653a-11e9-b0e3-1c39475b9f84

Istio -- Security vulnerabilities

Istio reports:

Two security vulnerabilities have recently been identified in the Envoy proxy. The vulnerabilities are centered on the fact that Envoy did not normalize HTTP URI paths and did not fully validate HTTP/1.1 header values. These vulnerabilities impact Istio features that rely on Envoy to enforce any of authorization, routing, or rate limiting.

Discovery 2019-03-29
Entry 2019-04-22
istio

< 1.1.2

CVE-2019-9900
CVE-2019-9901
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9900
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9901
https://github.com/envoyproxy/envoy/issues/6434
https://github.com/envoyproxy/envoy/issues/6435