Lucene search
+L

6 matches found

RedHat Linux
RedHat Linux
added 2023/08/11 4:46 p.m.44 views

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.9 security update

Red Hat OpenShift Service Mesh 2.2.9 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

9.8CVSS6.6AI score0.00869EPSS
Exploits6References7
RedhatCVE
RedhatCVE
added 2023/04/05 12:13 p.m.44 views

CVE-2023-27496

A flaw was found in Envoy. If Envoy is running with the OAuth filter enabled, a malicious actor could construct a request which would cause denial of service, crashing Envoy...

6.5CVSS7.8AI score0.00758EPSS
Exploits1References3
Wolfi
Wolfi
added 2023/04/04 8:15 p.m.17 views

CVE-2023-27496 vulnerabilities

Vulnerabilities for packages: envoy...

7.5CVSS7.7AI score0.00758EPSS
Exploits1
Chainguard
Chainguard
added 2023/04/04 8:15 p.m.35 views

CVE-2023-27496 vulnerabilities

Vulnerabilities for packages: envoy...

5CVSS7.4AI score0.00758EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2023/04/04 7:48 p.m.7 views

CVE-2023-27496 Envoy may crash when a redirect url without a state param is received in the oauth filter

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the OAuth filter assumes that a state query param is present on any response that looks like an OAuth redirect response. Sending it a request with t...

6.5CVSS6.4AI score0.00758EPSS
Exploits1References1
CVE
CVE
added 2023/04/04 7:48 p.m.166 views

CVE-2023-27496

CVE-2023-27496 affects the Envoy proxy. Prior to patch versions (1.26.0, 1.25.3, 1.24.4, 1.23.6, 1.22.9), an OAuth redirect response without the state parameter could cause abnormal termination of the Envoy process when the redirect path is requested. A patch is available in those lines; mitigati...

7.5CVSS7.6AI score0.00758EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder