8 matches found
Oracle Linux 7 / 8 : olcne / istio / istio (ELSA-2022-9362)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9362 advisory. - Addresses CVE-2022-24726, CVE-2022-24921 istio Tenable has extracted the preceding description block directly from the Oracle Linux security...
Oracle Linux 7 / 8 : olcne / istio / istio (ELSA-2022-9363)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9363 advisory. - Addresses CVE-2022-24726, CVE-2022-24921 istio Tenable has extracted the preceding description block directly from the Oracle Linux security...
olcne istio istio security update
olcne 1.4.3-1 - Update Istio to 1.13.2 istio 1.12.6-1 - Addresses CVE-2022-24726, CVE-2022-24921 istio 1.13.2-1 - Added Oracle specific files for 1.13.2-1...
olcne istio istio security update
olcne 1.3.5-1 - Update Istio to 1.12.6prometheus-2.30.1, grafana-7.5.15 istio 1.12.6-1 - Addresses CVE-2022-24726, CVE-2022-24921 istio 1.11.4-1 - Added Oracle specific files for 1.11.4-1...
RHEL 8 : Red Hat OpenShift Service Mesh 2.1.2 (RHSA-2022:1275)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1275 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.2 security update
Red Hat OpenShift Service Mesh 2.1.2 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
CVE-2022-24726 Unauthenticated control plane denial of service attack in Istio
Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, istiod, is vulnerable to a request processing error, allowing a malicious attacker that sends a specially crafted message which results in the control plane crashing when the...
CVE-2022-24726
The CVE-2022-24726 entry affects Istio’s control plane (istiod) where a request processing error in the validating webhook, exposed publicly on TLS port 15017, can crash the control plane when a specially crafted message is processed. Affected versions have been patched in Istio releases 1.13.2, ...