Istio AuthorizationPolicy Regex Injection Vulnerability in Service Account Fields

Vulnerability

A vulnerability exists in Istio AuthorizationPolicy versions 1.25.0 through 1.27.8, 1.28.0 through 1.28.5, 1.29.0, and 1.29.1. The issue arises because the serviceAccounts and notServiceAccounts fields treat a dot in a configured name as a regular expression wildcard (matching any single character) rather than as a literal dot. Since dots are valid in service account names, an ALLOW rule targeting a name like cert-manager.io will also match variations such as cert-manager-io and cert-managerXio. Conversely, a DENY rule for the same name does not block these variants.
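
The following is an added example, not Istio's own code, that reproduces the imprecise matching described above (a configured name used as an unescaped regular expression, beside the literal match that a fixed version performs) and audits a parsed AuthorizationPolicy for dotted serviceAccounts / notServiceAccounts entries. The anchored match, the policy layout spec.rules[].from[].source.<field> and the sample policy are assumptions for this example.

```python
import re

# Constructed sample, modelled on the advisory's example: an ALLOW rule
# naming cert-manager.io, and the near-miss names the advisory says match.
CONFIGURED_NAME = "cert-manager.io"
CANDIDATES = ["cert-manager.io", "cert-manager-io", "cert-managerXio"]

def match_unescaped(configured: str, presented: str) -> bool:
    """Affected behaviour: the configured name is used as a regular
    expression without escaping, so '.' matches any single character.
    (Anchoring with fullmatch is an assumption; the advisory only shows
    same-length variants.)"""
    return re.fullmatch(configured, presented) is not None

def match_literal(configured: str, presented: str) -> bool:
    """Fixed behaviour: the configured value is matched literally, so
    only the exact service account name is accepted."""
    return re.fullmatch(re.escape(configured), presented) is not None

def unintended_matches(configured: str, names: list[str]) -> list[str]:
    """Names accepted by the affected matcher but not by the literal one."""
    return [n for n in names
            if match_unescaped(configured, n) and not match_literal(configured, n)]

def dotted_service_accounts(policy: dict) -> list[tuple[int, str, str]]:
    """Audit an AuthorizationPolicy (as a parsed dict) for serviceAccounts /
    notServiceAccounts entries containing '.', i.e. the entries an affected
    Istio version matches imprecisely. Assumes the layout
    spec.rules[].from[].source.<field>."""
    hits = []
    for idx, rule in enumerate(policy.get("spec", {}).get("rules", [])):
        for clause in rule.get("from", []):
            source = clause.get("source", {})
            for field in ("serviceAccounts", "notServiceAccounts"):
                for name in source.get(field, []):
                    if "." in name:
                        hits.append((idx, field, name))
    return hits

# Constructed policy: rule 0 allows cert-manager.io; rule 1 uses a dot-free name.
SAMPLE_POLICY = {
    "apiVersion": "security.istio.io/v1",
    "kind": "AuthorizationPolicy",
    "spec": {
        "action": "ALLOW",
        "rules": [
            {"from": [{"source": {"serviceAccounts": ["cert-manager.io"]}}]},
            {"from": [{"source": {"serviceAccounts": ["billing"]}}]},
        ],
    },
}

if __name__ == "__main__":
    print("unintended matches:", unintended_matches(CONFIGURED_NAME, CANDIDATES))
    print("dotted entries:", dotted_service_accounts(SAMPLE_POLICY))
```

Running the audit over every AuthorizationPolicy in a cluster (for example the output of kubectl get authorizationpolicies -A -o json) lists the rules whose matching is affected until the upgrade is applied.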

Impact

The defect causes unintended matches in AuthorizationPolicy rules, so a service account may be allowed or denied that the policy author did not intend. This could be used to bypass security controls that rely on exact service account name matching.

Remediation

Users can upgrade to Istio versions 1.29.2, 1.28.6, or 1.27.9 to address this vulnerability.

Added: Apr 15, 2026, 11:26 PM
Updated: Apr 15, 2026, 11:26 PM

Vulnerability Rating

Custom Algorithm

  spread          4.5
  impact          1.3
  exploitability  3.5
  remediation     7.7
  relevance       6.0
  threat          0.0
  urgency         2.9
  incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.