From 083d6a4ae4aa5fa1f7f26eca65ffb7d15b9a988b Mon Sep 17 00:00:00 2001 From: Joshua Blatt Date: Sat, 29 Jun 2019 03:35:06 -0700 Subject: [PATCH] Remove consecutive blank line. (#4587) --- content/blog/2019/cve-2019-12995/index.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/blog/2019/cve-2019-12995/index.md b/content/blog/2019/cve-2019-12995/index.md index 0e58b2eddd..3d43e84209 100644 --- a/content/blog/2019/cve-2019-12995/index.md +++ b/content/blog/2019/cve-2019-12995/index.md @@ -44,7 +44,6 @@ Envoy is vulnerable if the following two conditions are satisfied: The RSA algorithm used for signature verification does not contain any known security vulnerability. This CVE is triggered only when using this algorithm but is unrelated to the security of the system. {{< /tip >}} - If JWT policy is applied to the Istio ingress gateway, please be aware that any external user who has access to the ingress gateway could crash it with a single HTTP request. If JWT policy is applied to the sidecar only, please keep in mind it might still be vulnerable. For example, the Istio ingress gateway might forward the JWT token to the sidecar which could be a malformed JWT token that crashes the sidecar.