312 matches found
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 1.0.7 servicemesh-proxy security update
Red Hat OpenShift Service Mesh 1.0.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
istio: unauthorised access to JWT protected HTTP path
An unauthorized access vulnerability was found in Istio in the servicemesh-proxy. An attacker can use this flaw to specify an HTTP path and gain unauthorized access, even if the path is configured to only be accessed with a valid JSON Web Token JWT...
CVE-2020-1704
An insecure modification vulnerability in the /etc/passwd file was found in the openshift-service-mesh/kiali-rhel7-operator. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges...
RHEL 7 / 8 : Red Hat OpenShift Service Mesh 1.0.3 RPMs (RHSA-2019:4222)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:4222 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...
Critical: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 1.0.3 RPMs security update
Red Hat OpenShift Service Mesh 1.0.3. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
Envoy CVE-2019-18801 Heap Buffer Overflow Vulnerability
Description Envoy PHP is prone to a heap-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successfully exploiting this issue allows attackers to execute arbitrary code in the contex...
Wallarm Launches Support of Envoy Proxy/ Envoy API Protection
Wallarm can protect North-South API in the applications that use Envoy as an alternative Ingress controller at the front end of a Kubernetes cluster. Wallarm can also protect edge traffic and also East-West Envoy API for Service-Mesh and Istio. The post Wallarm Launches Support of Envoy Proxy/...
Is Service Mesh right for your infrastructure?
Andrew Jenkins of Aspen Mesh identifies three deployment options with regards to how a Service Mesh delivers its services: As a sidecar that runs alongside your microservice container As a library that can be built into each of the microservices As an agent that sit in the container infrastructur...
Important: Red Hat Enhancement Advisory: Red Hat OpenShift Service Mesh 1.0.2 RPMs
Red Hat OpenShift Service Mesh 1.0.2. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. The OpenShift Service Mesh release notes provide information on the features an...
RHEL 7 / 8 : Red Hat OpenShift Service Mesh 1.0.1 RPMs (Important) (RHSA-2019:3041)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3041 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 1.0.1 RPMs
Red Hat OpenShift Service Mesh 1.0.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
Important: Red Hat Security Advisory: Istio-Proxy Security Update
An update for Istio-Proxy is now available for Red Hat OpenShift Service Mesh Tech Preview 0.9.0. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...