CVE-2026-31837 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a user of Istio is impacted if the JWKS resolver be…
High CVSS: 8.7

CVE-2026-31837

Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a user of Istio is impacted if the JWKS resolver becomes unavailable or the fetch fails, exposing hardcoded defaults regardless of use of the RequestAuthentication resource. This vulnerability is fixed in 1.29.1, 1.28.5, and 1.27.8.
Vendor
Istio
Product
Istio
CWE
CWE-200
Yayın Tarihi
2026-03-10 22:16:21
Güncelleme
2026-03-18 18:59:40
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-200 Istio HIGH Istio 2026

Referanslar

https://github.com/istio/istio/security/advisories/GHSA-v75c-crr9-733c