vulnerability

FreeBSD: VID-484d3f5e-653a-11e9-b0e3-1c39475b9f84 (CVE-2019-9900): Istio -- Security vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Apr 22, 2019	Apr 23, 2019	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Apr 22, 2019

Added

Apr 23, 2019

Modified

Dec 10, 2025

Description

Istio reports: Two security vulnerabilities have recently been identified in the Envoy proxy. The vulnerabilities are centered on the fact that Envoy did not normalize HTTP URI paths and did not fully validate HTTP/1.1 header values. These vulnerabilities impact Istio features that rely on Envoy to enforce any of authorization, routing, or rate limiting.

Solution

freebsd-upgrade-package-istio

References

CVE-2019-9900
https://attackerkb.com/topics/CVE-2019-9900
CWE-74

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today