Headline
CVE-2021-34824: Istio / ISTIO-SECURITY-2021-007
Istio (1.8.x, 1.9.0-1.9.5 and 1.10.0-1.10.1) contains a remotely exploitable vulnerability where credentials specified in the Gateway and DestinationRule credentialName field can be accessed from different namespaces.
Related news
CVE-2021-37412:
The TechRadar app 1.1 for Confluence Server allows XSS via the Title field of a Radar.
CVE-2021-28966: HackerOne
In Ruby through 3.0 on Windows, a remote attacker can submit a crafted path when a Web application handles a parameter with TmpDir.