Vulnerabilities > Istio > Istio > 1.4.7

DATE CVE VULNERABILITY TITLE RISK
2020-06-02 CVE-2020-10739 NULL Pointer Dereference vulnerability in Istio
Istio 1.4.x before 1.4.9 and Istio 1.5.x before 1.5.4 contain the following vulnerability when telemetry v2 is enabled: by sending a specially crafted packet, an attacker could trigger a Null Pointer Exception resulting in a Denial of Service.
network
low complexity
istio CWE-476
7.5
7.5
2020-04-15 CVE-2020-11767 Information Exposure vulnerability in multiple products
Istio through 1.5.1 and Envoy through 1.14.1 have a data-leak issue.
network
high complexity
envoyproxy istio CWE-200
2.6
2.6