Lucene search
K

4 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2026/06/29 12:0 a.m.5 views

istioctl-1.30.2-1.1 on GA media (moderate)

istioctl-1.30.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:11141-1 Rating: moderate Cross-References: CVE-2026-47204 CVE-2026-47205 CVE-2026-47207 CVE-2026-47220 CVE-2026-47221 CVE-2026-47692 CVE-2026-47775 CVE-2026-47778 CVE-2026-48042 CVE-2026-48044 CVE-2026-48090 CVE-2026-48497...

7.5CVSS5.8AI score0.00665EPSS
Exploits11
Cvelist
Cvelist
added 2026/06/26 5:23 p.m.35 views

CVE-2026-47775 Envoy OAuth2 Filter: Padding Oracle via AES-256-CBC Cookie Decryption

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the OAuth2 HTTP filter's encrypt/decrypt functions use AES-256-CBC without an authentication tag no HMAC, no AEAD. The /callback endpoint returns HTTP 302 on...

6.8CVSS0.00219EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 5:23 p.m.6 views

CVE-2026-47775

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the OAuth2 HTTP filter's encrypt/decrypt functions use AES-256-CBC without an authentication tag no HMAC, no AEAD. The /callback endpoint returns HTTP 302 on...

6.8CVSS5.9AI score0.00219EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/06/26 5:23 p.m.21 views

CVE-2026-47775

Envoy OAuth2 filter vulnerability (CVE-2026-47775): prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the encrypt()/decrypt() path uses AES-256-CBC without an authentication tag (no HMAC/AEAD), enabling a padding oracle via the /callback endpoint. An attacker with the encrypted CodeVerifier ...

6.8CVSS5.9AI score0.00219EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder