Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:1946
HistoryApr 22, 2024 - 12:38 p.m.

(RHSA-2024:1946) Moderate: Red Hat OpenShift Service Mesh Containers for 2.5.1 security update

2024-04-2212:38:30
access.redhat.com
10
red hat
openshift
service mesh
istio
security update
cve-2023-26159
cve-2024-24786
cve-2024-28180
cve-2024-28849
cvss score

7.3 High

AI Score

Confidence

Low

0.05 Low

EPSS

Percentile

92.9%

JSON

Red Hat OpenShift Service Mesh is Red Hat’s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.

Security Fixes:

  • follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse() (CVE-2023-26159)
  • golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)
  • jose-go: improper handling of highly compressed data (CVE-2024-28180)
  • follow-redirects: Possible credential leak (CVE-2024-28849)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Related

redhat 34
ibm 4
nessus 81
almalinux 6
osv 16
rocky 5
openvas 37
oraclelinux 6
redos 1
debian 2
freebsd 1
amazon 2
fedora 2
freebsd_advisory 1
mageia 1
redhat
redhat
(RHSA-2024:2092) Moderate: security update Logging for Red Hat OpenShift - 5.6.18
2024-05-01 16:40:08
(RHSA-2024:1697) Important: Errata Advisory for Red Hat OpenShift GitOps v1.11.3 security update
2024-04-08 13:33:54
(RHSA-2024:1700) Important: Errata Advisory for Red Hat OpenShift GitOps v1.10.4 security update
2024-04-08 16:35:01
ibm
ibm
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to protobuf-go, libcurl, libexpat, Java SE, IBM GSKit-Crypto, open redirect, buffer overflow condition and golang-fips/openssl vulnerabilities.
2024-04-30 07:19:33
Security Bulletin: Multiple security vulnerabilities in systemd may affect IBM Storage Scale System
2023-12-12 11:47:26
Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
2024-04-23 14:11:37
nessus
nessus
RHCOS 4 : OpenShift Container Platform 4.12.54 (RHSA-2024:1574)
2024-04-03 00:00:00
RHCOS 4 : OpenShift Container Platform 4.15.6 (RHSA-2024:1563)
2024-04-02 00:00:00
RHEL 8 / 9 : OpenShift Container Platform 4.15.6 (RHSA-2024:1563)
2024-04-02 00:00:00
almalinux
almalinux
Moderate: curl security and bug fix update
2024-04-02 00:00:00
Important: bind and dhcp security update
2024-05-22 00:00:00
Important: bind and dhcp security update
2024-04-12 00:00:00
osv
osv
Moderate: curl security and bug fix update
2024-04-05 14:55:53
Moderate: curl security and bug fix update
2024-04-02 00:00:00
Important: bind and dhcp security update
2024-05-06 13:04:07
rocky
rocky
curl security and bug fix update
2024-04-05 14:55:53
bind and dhcp security update
2024-05-06 13:04:07
bind and dhcp security update
2024-06-14 13:59:16
openvas
openvas
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1603)
2024-05-10 00:00:00
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1732)
2024-05-30 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:1776-1)
2023-04-06 00:00:00
oraclelinux
oraclelinux
curl security and bug fix update
2024-04-03 00:00:00
bind and dhcp security update
2024-05-29 00:00:00
bind, bind-dyndb-ldap, and dhcp security update
2024-06-10 00:00:00
redos
redos
ROS-20240425-05
2024-04-25 00:00:00
debian
debian
[SECURITY] [DLA 3692-1] curl security update
2023-12-22 14:27:56
[SECURITY] [DLA 3736-1] unbound security update
2024-02-21 12:20:40
freebsd
freebsd
powerdns-recursor -- Multiple Vulnerabilities
2024-02-14 00:00:00
amazon
amazon
Important: unbound
2024-02-29 10:03:00
Important: bind
2024-04-24 22:15:00
fedora
fedora
[SECURITY] Fedora 39 Update: dnsmasq-2.90-1.fc39
2024-02-19 02:29:29
[SECURITY] Fedora 38 Update: dnsmasq-2.90-1.fc38
2024-02-29 01:59:13
freebsd_advisory
freebsd_advisory
FreeBSD-SA-24:03.unbound
2024-03-28 00:00:00
mageia
mageia
Updated dnsmasq packages fix security vulnerabilities
2024-02-18 04:49:05

7.3 High

AI Score

Confidence

Low

0.05 Low

EPSS

Percentile

92.9%

JSON
Related for RHSA-2024:1946
redhat34ibm4nessus81almalinux6osv16rocky5openvas37oraclelinux6redos1debian2freebsd1amazon2fedora2freebsd_advisory1mageia1