5 matches found
EUVD-2020-12559
Malware in sbrugna...
RHEL 8 : Red Hat OpenShift Service Mesh 1.0 servicemesh-proxy (RHSA-2020:2864)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2864 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...
CVE-2020-10739
A null pointer exception flaw was found in servicemesh-proxy. When running Telemetry v2 not on by default in version 1.4.x, an attacker could send a specially crafted packet to the ingress gateway or proxy sidecar, triggering a denial of service. Mitigation Leave the telemetry reporting in...
CVE-2020-1704
An insecure modification vulnerability in the /etc/passwd file was found in all versions of OpenShift ServiceMesh maistra before 1.0.8 in the openshift/istio-kialia-rhel7-operator-container. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their...
CVE-2020-1704
An insecure modification vulnerability in the /etc/passwd file was found in all versions of OpenShift ServiceMesh maistra before 1.0.8 in the openshift/istio-kialia-rhel7-operator-container. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their...