EUVD-2021-15897

Malware in sbrugna...

Oracle Linux 8 : olcne (ELSA-2021-9398)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9398 advisory. - Address Istio CVE's CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824 - Address CVE-2021-28683,...

Oracle Linux 8 : olcne (ELSA-2021-9396)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9396 advisory. - Address Istio CVE's CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824 istio - Address CVE-2021-28683,...

CVE-2021-29258

CVE-2021-29258 affects Envoy 1.14.0, causing a remote crash in HTTP2 Metadata triggered by an empty METADATA map → Reachable Assertion. CVSSv3.1 base score 7.5 (HIGH, NETWORK, no user interaction). The connected BIT-ENVOY entry confirms the issue; no exploitation details or fixed-version info are...

CVE-2021-29258

An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion...