4 matches found
RHEL 8 : Red Hat OpenShift Service Mesh 2.1.2 (RHSA-2022:1275)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1275 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.2 security update
Red Hat OpenShift Service Mesh 2.1.2 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
CVE-2022-21655 Incorrect handling of internal redirects results in crash in Envoy
Envoy is an open source edge and service proxy, designed for cloud-native applications. The envoy common router will segfault if an internal redirect selects a route configured with direct response or redirect actions. This will result in a denial of service. As a workaround turn off internal...
CVE-2022-21655
CVE-2022-21655 affects Envoy’s common router: if an internal redirect selects a route configured with direct response or redirect actions, it can segfault, causing a denial of service. The available sources confirm this behavior and provide a workaround: disable internal redirects on listeners wh...