Denial of Service Vulnerability in Istio's Regular Expression Handling

Denial of Service Vulnerability in Istio's Regular Expression Handling

CVE-2019-14993 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API.

Learn more about our Cis Benchmark Audit For Bind.