CVE-2025-0754

The vulnerability was found in OpenShift Service Mesh 2.6.3 and 2.5.6. This issue occurs due to improper sanitization of HTTP headers by Envoy, particularly the x-forwarded-for header. This lack of sanitization can allow attackers to inject malicious payloads into service mesh logs, leading to lo...

PT-2025-4039 · Red Hat · Openshift Service Mesh

Name of the Vulnerable Software and Affected Versions: OpenShift Service Mesh versions 2.5.6 through 2.6.3 Description: A flaw was found in OpenShift Service Mesh due to improper HTTP header sanitization in Envoy. This may lead to rate-limiter avoidance, access-control bypass, CPU and memory...