ISTIO-SECURITY-2024-005
CVEs reported by Envoy.
| Disclosure Details | |
|---|---|
| CVE(s) | |
| CVSS Impact Score | 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Affected Releases | 1.21.0 to 1.21.3 1.22.0 to 1.22.1 |
CVE
Envoy CVEs
- GHSA-8mq4-c2v5-3h39: (CVSS Score 7.5, Moderate): Datadog: Datadog tracer does not handle trace headers with Unicode characters.
Am I Impacted?
You are impacted if you are using Istio 1.21.0 to 1.21.3 or 1.22.0 to 1.22.1 and have enabled the Datadog tracer.