summarised 6 fuzzers written and added to Istio's OSS-Fuzz integration 1 CVE found in Golang 1 vulnerability found that affected Googles managed Istio offering 11 issues found ● 5 system resource exhaustion affected Googleʼs managed Istio offering, and it led to further investigation that revealed a vulnerability in Golang itself. The finding was reported by the auditing team to the Istio maintainers, because connection, which could lead to a denial of service scenario if a large request was sent. This is a vulnerability, however, to be vulnerable, users would need the MultiplexHTTP option configured - used by some

how to report bugs, in code or in documentation. ● The Istio security team responds rapidly to vulnerability reports. Read how to submit an issue. Become a Contributor ● The Istio Community README is the

abused in the event of a workload compromise or the exploitation of a server-side request forgery vulnerability. In the case of the latter, this could enable a denial of service vector by sending a request