2026-01-15 19:18:50
mitre
PUBLISHED
Istio through 1.28.2 allows iptables rule injection for changing firewall behavior via the traffic.sidecar.istio.io/excludeInterfaces annotation. NOTE: the reporters position is "this doesnt represent a security vulnerability (pod creators can already exclude sidecar injection entirely)."