Lucene search
K

10 matches found

RedHat Linux
RedHat Linux
added 2023/08/11 4:46 p.m.43 views

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.9 security update

Red Hat OpenShift Service Mesh 2.2.9 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

9.8CVSS6.6AI score0.00869EPSS
Exploits6References7
Circl
Circl
added 2023/04/04 10:25 p.m.5 views

CVE-2023-27491

creationtimestamp| type| source ---|---|--- 2023-04-04 22:25:46+00:00| seen| https://t.me/cibsecurity/61418...

9.1CVSS7.7AI score0.00869EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2023/04/04 9:36 p.m.29 views

CVE-2023-27491

A flaw was found in Envoy that may allow attackers to send specially crafted HTTP/2 or HTTP/3 requests to trigger parsing errors on the upstream HTTP/1 service...

6.5CVSS8.8AI score0.00869EPSS
Exploits1References4
NVD
NVD
added 2023/04/04 7:15 p.m.12 views

CVE-2023-27491

Envoy is an open source edge and service proxy designed for cloud-native applications. Compliant HTTP/1 service should reject malformed request lines. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, There is a possibility that non compliant HTTP/1 service may allow malformed request...

9.1CVSS7AI score0.00869EPSS
Exploits1References4
Wolfi
Wolfi
added 2023/04/04 7:15 p.m.13 views

CVE-2023-27491 vulnerabilities

Vulnerabilities for packages: envoy...

9.1CVSS7.7AI score0.00869EPSS
Exploits1
Chainguard
Chainguard
added 2023/04/04 7:15 p.m.37 views

CVE-2023-27491 vulnerabilities

Vulnerabilities for packages: envoy...

6.4CVSS7.4AI score0.00869EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2023/04/04 6:18 p.m.8 views

CVE-2023-27491 Envoy forwards invalid Http2/Http3 downstream headers

Envoy is an open source edge and service proxy designed for cloud-native applications. Compliant HTTP/1 service should reject malformed request lines. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, There is a possibility that non compliant HTTP/1 service may allow malformed request...

5.4CVSS8.9AI score0.00869EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/04/04 6:18 p.m.18 views

CVE-2023-27491 Envoy forwards invalid Http2/Http3 downstream headers

Envoy is an open source edge and service proxy designed for cloud-native applications. Compliant HTTP/1 service should reject malformed request lines. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, There is a possibility that non compliant HTTP/1 service may allow malformed request...

5.4CVSS9.2AI score0.00869EPSS
Exploits1References4
CVE
CVE
added 2023/04/04 6:18 p.m.156 views

CVE-2023-27491

CVE-2023-27491 affects Envoy: a non-compliant HTTP/1 service may allow malformed requests to bypass security policies. The BIT-ENVOY-2023-27491 entry documents that this vulnerability can be triggered in pre‑fix releases and that the issue is fixed in Envoy versions 1.26.0, 1.25.3, 1.24.4, 1.23.6...

9.1CVSS6.9AI score0.00869EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/04/04 6:18 p.m.14 views

CVE-2023-27491 Envoy forwards invalid Http2/Http3 downstream headers

Envoy is an open source edge and service proxy designed for cloud-native applications. Compliant HTTP/1 service should reject malformed request lines. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, There is a possibility that non compliant HTTP/1 service may allow malformed request...

5.4CVSS7.6AI score0.00869EPSS
Exploits1References6
Rows per page
Query Builder