Vulnerabilities > Istio > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-06-09 CVE-2022-31045 Out-of-bounds Read vulnerability in Istio
Istio is an open platform to connect, manage, and secure microservices.
network
low complexity
istio CWE-125
critical
 9.8
9.8
2022-01-19 CVE-2022-21679 Always-Incorrect Control Flow Implementation vulnerability in Istio 1.12.0/1.12.1
Istio is an open platform to connect, manage, and secure microservices.
network
low complexity
istio CWE-670
critical
 9.8
9.8
2021-06-02 CVE-2021-31921 Missing Authorization vulnerability in Istio
Istio before 1.8.6 and 1.9.x before 1.9.5 contains a remotely exploitable vulnerability where an external client can access unexpected services in the cluster, bypassing authorization checks, when a gateway is configured with AUTO_PASSTHROUGH routing configuration.
network
low complexity
istio CWE-862
critical
 9.8
9.8