5 matches found
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.9 security update
Red Hat OpenShift Service Mesh 2.2.9 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Envoy security bypass ( CVE-2023-27488)
Summary Potential Enyoy security bypass vulnerability CVE-2022-25881 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-27488 DESCRIPTION: Envoy could allow a remote attacker to...
CVE-2023-27488 vulnerabilities
Vulnerabilities for packages: envoy...
CVE-2023-27488 vulnerabilities
Vulnerabilities for packages: envoy...
CVE-2023-27488 Envoy gRPC client produces invalid protobuf when an HTTP header with non-UTF8 value is received.
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, escalation of privileges is possible when failuremodeallow: true is configured for extauthz filter. For affected components that are used for loggin...