diff --git a/content/en/news/security/istio-security-2019-001/index.md b/content/en/news/security/istio-security-2019-001/index.md index 4817c61f27..8f12f2ed9d 100644 --- a/content/en/news/security/istio-security-2019-001/index.md +++ b/content/en/news/security/istio-security-2019-001/index.md @@ -1,7 +1,7 @@ --- title: ISTIO-SECURITY-2019-001 subtitle: Security Bulletin -description: Security vulnerability disclosure for CVE-2019-12243. +description: Incorrect access control. cves: [CVE-2019-12243] cvss: "8.9" vector: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:H/RL:O/RC:C" diff --git a/content/en/news/security/istio-security-2019-002/index.md b/content/en/news/security/istio-security-2019-002/index.md index 4870f0702b..ceeb8b82f5 100644 --- a/content/en/news/security/istio-security-2019-002/index.md +++ b/content/en/news/security/istio-security-2019-002/index.md @@ -1,7 +1,7 @@ --- title: ISTIO-SECURITY-2019-002 subtitle: Security Bulletin -description: Security vulnerability disclosure for CVE-2019-12995. +description: Denial of service affecting JWT access token parsing. cves: [CVE-2019-12995] cvss: "7.5" vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C" diff --git a/content/en/news/security/istio-security-2019-003/index.md b/content/en/news/security/istio-security-2019-003/index.md index f854fe0e64..5057f3b871 100644 --- a/content/en/news/security/istio-security-2019-003/index.md +++ b/content/en/news/security/istio-security-2019-003/index.md @@ -1,7 +1,7 @@ --- title: ISTIO-SECURITY-2019-003 subtitle: Security Bulletin -description: Security vulnerability disclosure for CVE-2019-14993. +description: Denial of service in regular expression parsing. cves: [CVE-2019-14993] cvss: "7.5" vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" diff --git a/content/en/news/security/istio-security-2019-004/index.md b/content/en/news/security/istio-security-2019-004/index.md index 6b7aa6a946..73f7e3e50d 100644 --- a/content/en/news/security/istio-security-2019-004/index.md +++ b/content/en/news/security/istio-security-2019-004/index.md @@ -1,7 +1,7 @@ --- title: ISTIO-SECURITY-2019-004 subtitle: Security Bulletin -description: Security vulnerability disclosure for multiple CVEs. +description: Multiple denial of service vulnerabilities related to HTTP2 support in Envoy. cves: [CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518] cvss: "7.5" vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" diff --git a/content/en/news/security/istio-security-2019-005/index.md b/content/en/news/security/istio-security-2019-005/index.md index db387bb25f..c89da4c853 100644 --- a/content/en/news/security/istio-security-2019-005/index.md +++ b/content/en/news/security/istio-security-2019-005/index.md @@ -1,7 +1,7 @@ --- title: ISTIO-SECURITY-2019-005 subtitle: Security Bulletin -description: Security vulnerability disclosure for CVE-2019-15226. +description: Denial of service caused by the presence of numerous HTTP headers in client requests. cves: [CVE-2019-15226] cvss: "7.5" vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" diff --git a/content/en/news/security/istio-security-2019-006/index.md b/content/en/news/security/istio-security-2019-006/index.md index 9a244b7f81..5ab77d4d16 100644 --- a/content/en/news/security/istio-security-2019-006/index.md +++ b/content/en/news/security/istio-security-2019-006/index.md @@ -1,7 +1,7 @@ --- title: ISTIO-SECURITY-2019-006 subtitle: Security Bulletin -description: Security vulnerability disclosure for CVE-2019-18817. +description: Denial of service. cves: [CVE-2019-18817] cvss: "7.5" vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C"