5 matches found

Veracode | added 2021/08/29 7:44 p.m. | 29 views

Authorization Bypass

servicemesh-proxy is vulnerable to authorization bypass. It allows specially crafted requests to bypass authorization. Attackers may be able to escalate privileges when using the ext-authz extension or a backend service that uses multiple-value headers for authorization. A specifically constructed...

CVSS 8.6 | AI score 3.1 | EPSS 0.0002
Exploits: 0 | References: 6 | Affected Software: 1

Veracode | added 2021/04/24 10:47 p.m. | 28 views

Denial Of Service (DoS)

servicemesh-proxy is vulnerable to denial of service. A NULL pointer dereference vulnerability in envoyproxy/envoy allows an attacker to crash the application by establishing a TLS session that sends an invalid TLS alert code, resulting in a denial of service...

CVSS 7.5 | AI score 3.7 | EPSS 0.00116
Exploits: 0 | References: 8 | Affected Software: 1

Tenable Nessus | added 2021/04/22 12:0 a.m. | 34 views

RHEL 8 : Red Hat OpenShift Service Mesh 1.1.13 (RHSA-2021:1322)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1322 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...

CVSS 7.5 | AI score 7.1 | EPSS 0.00154
Exploits: 1 | References: 10

RedhatCVE | added 2021/03/09 11:54 p.m. | 32 views

CVE-2021-21378

An authentication bypass vulnerability was found in envoyproxy/envoy. When specifying a JSON Web Token (JWT) authentication filter, if `allow_missing` is also used, this flaw allows an attacker to craft a request with a JWT token with an incorrect issuer, bypassing the filter. The highest threat from...

CVSS 8.2 | AI score 3.5 | EPSS 0.00421
Exploits: 0 | References: 5

Tenable Nessus | added 2020/09/30 12:0 a.m. | 32 views

RHEL 8 : Red Hat OpenShift Service Mesh 1.1 servicemesh-proxy (RHSA-2020:4129)

The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:4129 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift...

CVSS 8.3 | AI score 7.7 | EPSS 0.00053
Exploits: 1 | References: 5