7 matches found
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.10 security update
Red Hat OpenShift Service Mesh 2.2.10 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
istio security update
istio 1.17.5-1 - Addresses CVE CVE-2023-35941, CVE-2023-35942, CVE-2023-35943, CVE-2023-35944. kubevirt 0.58.0-3 - Ensure that selinux build tags are set for all Go builds olcne 1.7.2-2 - Update kubevirt image versions fixing selinux=enforce not being supported 1.7.2-1 - Add Istio-1.17.5 and...
Amazon Linux 2 : ecs-service-connect-agent (ALASECS-2023-006)
The version of ecs-service-connect-agent installed on the remote host is prior to v1.26.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2023-006 advisory. Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to...
Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2023-300)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-300 advisory. Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, a malicious client is able to construct...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.2 security update
Red Hat OpenShift Service Mesh 2.4.2 Containers Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.6 security update
Red Hat OpenShift Service Mesh 2.3.6 Containers Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
CVE-2023-35941
Envoy CVE-2023-35941 affects vulnerable OAuth2 filter handling across multiple pre-fix releases (Envoy 1.27.0, 1.26.4, 1.25.9, 1.24.10, 1.23.12 and earlier). The issue allows a malicious client to construct credentials with permanent validity in specific scenarios where HMAC payload validation co...