ISTIO-SECURITY-2024-003

CVEs reported by Envoy.

Apr 22, 2024

Disclosure Details
CVE(s)CVE-2024-32475
CVSS Impact Score7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected ReleasesAll releases prior to 1.19.0
1.19.0 to 1.19.9
1.20.0 to 1.20.5
1.21.0 to 1.21.1

CVE

Envoy CVEs

Am I Impacted?

You are impacted if you enabled the auto_sni feature of Envoy, are using Istio versions 1.21.0 or above where this was enabled by default, or are using an Egress Gateway.