ISTIO-SECURITY-2020-010

Sep 29, 2020

Disclosure Details
CVE(s)CVE-2020-25017
CVSS Impact Score8.3 AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Affected Releases1.6 to 1.6.10
1.7 to 1.7.2

Envoy, and subsequently Istio, is vulnerable to a newly discovered vulnerability:

Mitigation

Reporting vulnerabilities

We’d like to remind our community to follow the vulnerability reporting process to report any bug that can result in a security vulnerability.