Vulnerabilities > Redhat > Openshift Service Mesh > Medium

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendors | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2023-09-23 | CVE-2022-3962 | A content spoofing vulnerability was found in Kiali. | | network | low complexity | kiali, redhat | | 4.3 |
| 2021-06-01 | CVE-2021-3495 | Improper Preservation of Permissions vulnerability in multiple products | An incorrect access control flaw was found in the kiali-operator in versions before 1.33.0 and before 1.24.7. | network | low complexity | netlify, redhat | CWE-281 | 6.5 |
| 2021-01-29 | CVE-2019-25014 | NULL Pointer Dereference vulnerability in multiple products | A NULL pointer dereference was found in pkg/proxy/envoy/v2/debug.go getResourceVersion in Istio pilot before 1.5.0-alpha.0. | network | low complexity | istio, redhat | CWE-476 | 4.0 |
| 2020-03-04 | CVE-2020-8661 | Resource Exhaustion vulnerability in multiple products | CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests. | network | low complexity | cncf, redhat | CWE-400 | 5.0 |
| 2019-08-13 | CVE-2019-9516 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products | Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. | | | | | 6.5 |