Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2023-35942
Vulnerability from cvelistv5
Published
2023-07-25 18:24
Modified
2024-10-24 18:01
Severity ?
EPSS score ?
Summary
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| envoyproxy | envoy |
Version: >= 1.26.0, < 1.26.4 Version: >= 1.25.0, < 1.25.9 Version: >= 1.24.0, < 1.24.10 Version: < 1.23.12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:37:40.039Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-35942", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-24T18:00:49.771065Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-24T18:01:03.748Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "envoy", vendor: "envoyproxy", versions: [ { status: "affected", version: ">= 1.26.0, < 1.26.4", }, { status: "affected", version: ">= 1.25.0, < 1.25.9", }, { status: "affected", version: ">= 1.24.0, < 1.24.10", }, { status: "affected", version: "< 1.23.12", }, ], }, ], descriptions: [ { lang: "en", value: "Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416: Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-25T18:24:11.613Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4", }, ], source: { advisory: "GHSA-69vr-g55c-v2v4", discovery: "UNKNOWN", }, title: "Envoy's gRPC access log crash caused by the listener draining", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2023-35942", datePublished: "2023-07-25T18:24:11.613Z", dateReserved: "2023-06-20T14:02:45.596Z", dateUpdated: "2024-10-24T18:01:03.748Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.23.0\", \"versionEndExcluding\": \"1.23.12\", \"matchCriteriaId\": \"588736F6-2FDC-4CF7-AFFA-7CFE16ED6EC6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.24.0\", \"versionEndExcluding\": \"1.24.10\", \"matchCriteriaId\": \"D8412E60-1C2F-4764-94F5-563FAA297466\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.25.0\", \"versionEndExcluding\": \"1.25.9\", \"matchCriteriaId\": \"0EC8FEB8-BB13-443C-8905-30B03F8F52E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.26.0\", \"versionEndExcluding\": \"1.26.4\", \"matchCriteriaId\": \"DA35F763-2810-4231-B5A9-93310BF7B765\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.\"}]", id: "CVE-2023-35942", lastModified: "2024-11-21T08:09:01.420", metrics: "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}]}", published: "2023-07-25T19:15:11.050", references: "[{\"url\": \"https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]", sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"security-advisories@github.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2023-35942\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2023-07-25T19:15:11.050\",\"lastModified\":\"2024-11-21T08:09:01.420\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.23.0\",\"versionEndExcluding\":\"1.23.12\",\"matchCriteriaId\":\"588736F6-2FDC-4CF7-AFFA-7CFE16ED6EC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.24.0\",\"versionEndExcluding\":\"1.24.10\",\"matchCriteriaId\":\"D8412E60-1C2F-4764-94F5-563FAA297466\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.25.0\",\"versionEndExcluding\":\"1.25.9\",\"matchCriteriaId\":\"0EC8FEB8-BB13-443C-8905-30B03F8F52E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.26.0\",\"versionEndExcluding\":\"1.26.4\",\"matchCriteriaId\":\"DA35F763-2810-4231-B5A9-93310BF7B765\"}]}]}],\"references\":[{\"url\":\"https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4\", \"name\": \"https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T16:37:40.039Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-35942\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-24T18:00:49.771065Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-24T18:00:56.675Z\"}}], \"cna\": {\"title\": \"Envoy's gRPC access log crash caused by the listener draining\", \"source\": {\"advisory\": \"GHSA-69vr-g55c-v2v4\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"envoyproxy\", \"product\": \"envoy\", \"versions\": [{\"status\": \"affected\", \"version\": \">= 1.26.0, < 1.26.4\"}, {\"status\": \"affected\", \"version\": \">= 1.25.0, < 1.25.9\"}, {\"status\": \"affected\", \"version\": \">= 1.24.0, < 1.24.10\"}, {\"status\": \"affected\", \"version\": \"< 1.23.12\"}]}], \"references\": [{\"url\": \"https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4\", \"name\": \"https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416: Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2023-07-25T18:24:11.613Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2023-35942\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-24T18:01:03.748Z\", \"dateReserved\": \"2023-06-20T14:02:45.596Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2023-07-25T18:24:11.613Z\", \"assignerShortName\": \"GitHub_M\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
WID-SEC-W-2023-2058
Vulnerability from csaf_certbund
Published
2023-08-13 22:00
Modified
2023-10-08 22:00
Summary
Red Hat OpenShift Service Mesh und Service Mesh Containers: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.\r\nRed Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-2058 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2058.json", }, { category: "self", summary: "WID-SEC-2023-2058 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2058", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:3997-1 vom 2023-10-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016564.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALASECS-2023-007 vom 2023-09-27", url: "https://alas.aws.amazon.com/AL2/ALASECS-2023-007.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:5175 vom 2023-09-14", url: "https://access.redhat.com/errata/RHSA-2023:5175", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:5174 vom 2023-09-14", url: "https://access.redhat.com/errata/RHSA-2023:5174", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12772 vom 2023-09-11", url: "https://linux.oracle.com/errata/ELSA-2023-12772.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12781 vom 2023-09-08", url: "https://linux.oracle.com/errata/ELSA-2023-12781.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12780 vom 2023-09-08", url: "https://linux.oracle.com/errata/ELSA-2023-12780.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12771 vom 2023-09-06", url: "https://linux.oracle.com/errata/ELSA-2023-12771.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS2ECS-2023-006 vom 2023-09-07", url: "https://alas.aws.amazon.com/AL2/ALASECS-2023-006.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:4627 vom 2023-08-13", url: "https://access.redhat.com/errata/RHSA-2023:4627", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:4625 vom 2023-08-13", url: "https://access.redhat.com/errata/RHSA-2023:4625", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:4624 vom 2023-08-13", url: "https://access.redhat.com/errata/RHSA-2023:4624", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:4623 vom 2023-08-13", url: "https://access.redhat.com/errata/RHSA-2023:4623", }, ], source_lang: "en-US", title: "Red Hat OpenShift Service Mesh und Service Mesh Containers: Mehrere Schwachstellen", tracking: { current_release_date: "2023-10-08T22:00:00.000+00:00", generator: { date: "2024-08-15T17:57:03.993+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-2058", initial_release_date: "2023-08-13T22:00:00.000+00:00", revision_history: [ { date: "2023-08-13T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-09-06T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Amazon und Oracle Linux aufgenommen", }, { date: "2023-09-10T22:00:00.000+00:00", number: "3", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2023-09-11T22:00:00.000+00:00", number: "4", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2023-09-14T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-09-27T22:00:00.000+00:00", number: "6", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2023-10-08T22:00:00.000+00:00", number: "7", summary: "Neue Updates von SUSE aufgenommen", }, ], status: "final", version: "7", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux < Migration Toolkit for Applications 6.2.0", product: { name: "Red Hat Enterprise Linux < Migration Toolkit for Applications 6.2.0", product_id: "T029302", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:migration_toolkit_for_applications_6.2.0", }, }, }, ], category: "product_name", name: "Enterprise Linux", }, { branches: [ { category: "product_name", name: "Red Hat OpenShift < Service Mesh 2.2.9", product: { name: "Red Hat OpenShift < Service Mesh 2.2.9", product_id: "T029299", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:service_mesh_2.2.9", }, }, }, { category: "product_name", name: "Red Hat OpenShift < Service Mesh 2.3.6 Containers", product: { name: "Red Hat OpenShift < Service Mesh 2.3.6 Containers", product_id: "T029300", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:service_mesh_2.3.6_containers", }, }, }, { category: "product_name", name: "Red Hat OpenShift < Service Mesh 2.4.2 Containers", product: { name: "Red Hat OpenShift < Service Mesh 2.4.2 Containers", product_id: "T029301", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:service_mesh_2.4.2_containers", }, }, }, ], category: "product_name", name: "OpenShift", }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, ], }, vulnerabilities: [ { cve: "CVE-2023-35945", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-35945", }, { cve: "CVE-2023-35944", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-35944", }, { cve: "CVE-2023-35943", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-35943", }, { cve: "CVE-2023-35942", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-35942", }, { cve: "CVE-2023-35941", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-35941", }, { cve: "CVE-2023-27496", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-27496", }, { cve: "CVE-2023-27493", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-27493", }, { cve: "CVE-2023-27492", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-27492", }, { cve: "CVE-2023-27491", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-27491", }, { cve: "CVE-2023-27488", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-27488", }, { cve: "CVE-2023-27487", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-27487", }, ], }
wid-sec-w-2023-2058
Vulnerability from csaf_certbund
Published
2023-08-13 22:00
Modified
2023-10-08 22:00
Summary
Red Hat OpenShift Service Mesh und Service Mesh Containers: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.\r\nRed Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-2058 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2058.json", }, { category: "self", summary: "WID-SEC-2023-2058 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2058", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:3997-1 vom 2023-10-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016564.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALASECS-2023-007 vom 2023-09-27", url: "https://alas.aws.amazon.com/AL2/ALASECS-2023-007.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:5175 vom 2023-09-14", url: "https://access.redhat.com/errata/RHSA-2023:5175", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:5174 vom 2023-09-14", url: "https://access.redhat.com/errata/RHSA-2023:5174", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12772 vom 2023-09-11", url: "https://linux.oracle.com/errata/ELSA-2023-12772.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12781 vom 2023-09-08", url: "https://linux.oracle.com/errata/ELSA-2023-12781.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12780 vom 2023-09-08", url: "https://linux.oracle.com/errata/ELSA-2023-12780.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2023-12771 vom 2023-09-06", url: "https://linux.oracle.com/errata/ELSA-2023-12771.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS2ECS-2023-006 vom 2023-09-07", url: "https://alas.aws.amazon.com/AL2/ALASECS-2023-006.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:4627 vom 2023-08-13", url: "https://access.redhat.com/errata/RHSA-2023:4627", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:4625 vom 2023-08-13", url: "https://access.redhat.com/errata/RHSA-2023:4625", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:4624 vom 2023-08-13", url: "https://access.redhat.com/errata/RHSA-2023:4624", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:4623 vom 2023-08-13", url: "https://access.redhat.com/errata/RHSA-2023:4623", }, ], source_lang: "en-US", title: "Red Hat OpenShift Service Mesh und Service Mesh Containers: Mehrere Schwachstellen", tracking: { current_release_date: "2023-10-08T22:00:00.000+00:00", generator: { date: "2024-08-15T17:57:03.993+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-2058", initial_release_date: "2023-08-13T22:00:00.000+00:00", revision_history: [ { date: "2023-08-13T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-09-06T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Amazon und Oracle Linux aufgenommen", }, { date: "2023-09-10T22:00:00.000+00:00", number: "3", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2023-09-11T22:00:00.000+00:00", number: "4", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2023-09-14T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-09-27T22:00:00.000+00:00", number: "6", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2023-10-08T22:00:00.000+00:00", number: "7", summary: "Neue Updates von SUSE aufgenommen", }, ], status: "final", version: "7", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux < Migration Toolkit for Applications 6.2.0", product: { name: "Red Hat Enterprise Linux < Migration Toolkit for Applications 6.2.0", product_id: "T029302", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:migration_toolkit_for_applications_6.2.0", }, }, }, ], category: "product_name", name: "Enterprise Linux", }, { branches: [ { category: "product_name", name: "Red Hat OpenShift < Service Mesh 2.2.9", product: { name: "Red Hat OpenShift < Service Mesh 2.2.9", product_id: "T029299", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:service_mesh_2.2.9", }, }, }, { category: "product_name", name: "Red Hat OpenShift < Service Mesh 2.3.6 Containers", product: { name: "Red Hat OpenShift < Service Mesh 2.3.6 Containers", product_id: "T029300", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:service_mesh_2.3.6_containers", }, }, }, { category: "product_name", name: "Red Hat OpenShift < Service Mesh 2.4.2 Containers", product: { name: "Red Hat OpenShift < Service Mesh 2.4.2 Containers", product_id: "T029301", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:service_mesh_2.4.2_containers", }, }, }, ], category: "product_name", name: "OpenShift", }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, ], }, vulnerabilities: [ { cve: "CVE-2023-35945", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-35945", }, { cve: "CVE-2023-35944", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-35944", }, { cve: "CVE-2023-35943", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-35943", }, { cve: "CVE-2023-35942", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-35942", }, { cve: "CVE-2023-35941", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-35941", }, { cve: "CVE-2023-27496", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-27496", }, { cve: "CVE-2023-27493", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-27493", }, { cve: "CVE-2023-27492", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-27492", }, { cve: "CVE-2023-27491", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-27491", }, { cve: "CVE-2023-27488", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-27488", }, { cve: "CVE-2023-27487", notes: [ { category: "description", text: "In Red Hat OpenShift Service Mesh und Service Mesh Containers, sowie Red Hat Enterprise Linux existieren mehrere Schwachstellen in der Komponente \"Envoy\". Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen, Dateien zu manipulieren, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T002207", "67646", "398363", "T004914", ], }, release_date: "2023-08-13T22:00:00.000+00:00", title: "CVE-2023-27487", }, ], }
rhsa-2023:5174
Vulnerability from csaf_redhat
Published
2023-09-14 17:33
Modified
2025-03-19 20:15
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.3 security update
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.4.3
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
This advisory covers container images for the release.
Security Fix(es):
* envoy: gRPC access log crash caused by the listener draining (CVE-2023-35942)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh Containers for 2.4.3\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.\n\nThis advisory covers container images for the release.\n\nSecurity Fix(es):\n\n* envoy: gRPC access log crash caused by the listener draining (CVE-2023-35942)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5174", url: "https://access.redhat.com/errata/RHSA-2023:5174", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2217978", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217978", }, { category: "external", summary: "OSSM-1182", url: "https://issues.redhat.com/browse/OSSM-1182", }, { category: "external", summary: "OSSM-3508", url: "https://issues.redhat.com/browse/OSSM-3508", }, { category: "external", summary: "OSSM-3979", url: "https://issues.redhat.com/browse/OSSM-3979", }, { category: "external", summary: "OSSM-4247", url: "https://issues.redhat.com/browse/OSSM-4247", }, { category: "external", summary: "OSSM-4461", url: "https://issues.redhat.com/browse/OSSM-4461", }, { category: "external", summary: "OSSM-4491", url: "https://issues.redhat.com/browse/OSSM-4491", }, { category: "external", summary: "OSSM-4559", url: "https://issues.redhat.com/browse/OSSM-4559", }, { category: "external", summary: "OSSM-4627", url: "https://issues.redhat.com/browse/OSSM-4627", }, { category: "external", summary: "OSSM-4705", url: "https://issues.redhat.com/browse/OSSM-4705", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5174.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.3 security update", tracking: { current_release_date: "2025-03-19T20:15:37+00:00", generator: { date: "2025-03-19T20:15:37+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2023:5174", initial_release_date: "2023-09-14T17:33:40+00:00", revision_history: [ { date: "2023-09-14T17:33:40+00:00", number: "1", summary: "Initial version", }, { date: "2023-09-14T17:33:40+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-19T20:15:37+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.4 for RHEL 8", product: { name: "RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.4::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.3-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.3-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.4.3-13", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.3-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.3-2", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.3-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.3-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.4.3-13", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.3-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.3-2", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.3-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", product_id: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.3-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.4.3-13", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.3-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.3-2", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.3-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.3-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.4.3-13", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.3-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.3-2", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, ], }, vulnerabilities: [ { cve: "CVE-2023-35942", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217978", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, where gRPC access loggers using the listener's global scope can cause a use-after-free crash when the listener is drained. This issue can be triggered by a listener discovery service (LDS) update with the same gRPC access log configuration.", title: "Vulnerability description", }, { category: "summary", text: "envoy: gRPC access log crash caused by the listener draining", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", ], known_not_affected: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35942", }, { category: "external", summary: "RHBZ#2217978", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217978", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35942", url: "https://www.cve.org/CVERecord?id=CVE-2023-35942", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35942", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35942", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-09-14T17:33:40+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5174", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: gRPC access log crash caused by the listener draining", }, ], }
rhsa-2023:4624
Vulnerability from csaf_redhat
Published
2023-08-11 16:47
Modified
2024-11-23 00:01
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.6 security update
Notes
Topic
Red Hat OpenShift Service Mesh 2.3.6 Containers
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
Security Fix(es):
* envoy: OAuth2 credentials exploit with permanent validity (CVE-2023-35941)
* envoy: Incorrect handling of HTTP requests and responses with mixed case schemes (CVE-2023-35944)
* envoy: HTTP/2 memory leak in nghttp2 codec (CVE-2023-35945)
* envoy: gRPC access log crash caused by the listener draining (CVE-2023-35942)
* envoy: CORS filter segfault when origin header is removed (CVE-2023-35943)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh 2.3.6 Containers\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* envoy: OAuth2 credentials exploit with permanent validity (CVE-2023-35941)\n\n* envoy: Incorrect handling of HTTP requests and responses with mixed case schemes (CVE-2023-35944)\n\n* envoy: HTTP/2 memory leak in nghttp2 codec (CVE-2023-35945)\n\n* envoy: gRPC access log crash caused by the listener draining (CVE-2023-35942)\n\n* envoy: CORS filter segfault when origin header is removed (CVE-2023-35943)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:4624", url: "https://access.redhat.com/errata/RHSA-2023:4624", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2217977", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217977", }, { category: "external", summary: "2217978", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217978", }, { category: "external", summary: "2217983", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217983", }, { category: "external", summary: "2217985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217985", }, { category: "external", summary: "2217987", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217987", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4624.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.6 security update", tracking: { current_release_date: "2024-11-23T00:01:31+00:00", generator: { date: "2024-11-23T00:01:31+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2023:4624", initial_release_date: "2023-08-11T16:47:28+00:00", revision_history: [ { date: "2023-08-11T16:47:28+00:00", number: "1", summary: "Initial version", }, { date: "2023-08-11T16:47:28+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-23T00:01:31+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.3 for RHEL 8", product: { name: "RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.3::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", product: { name: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", product_id: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", product_identification_helper: { purl: "pkg:oci/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.3.6-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.3.6-1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", product: { name: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", product_id: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", product_identification_helper: { purl: "pkg:oci/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.3.6-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.3.6-1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", product: { name: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", product_id: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", product_identification_helper: { purl: "pkg:oci/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.3.6-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.3.6-1", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", }, product_reference: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", }, product_reference: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", }, product_reference: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, ], }, vulnerabilities: [ { cve: "CVE-2023-35941", cwe: { id: "CWE-303", name: "Incorrect Implementation of Authentication Algorithm", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217977", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, where a malicious client can construct credentials with permanent validity in a specific scenario. This issue is caused by some rare scenarios, such as the combination of host and expiration time, in which the HMAC payload can always be valid in the OAuth2 filter's HMAC check.", title: "Vulnerability description", }, { category: "summary", text: "envoy: OAuth2 credentials exploit with permanent validity", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35941", }, { category: "external", summary: "RHBZ#2217977", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217977", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35941", url: "https://www.cve.org/CVERecord?id=CVE-2023-35941", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35941", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35941", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: OAuth2 credentials exploit with permanent validity", }, { cve: "CVE-2023-35942", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217978", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, where gRPC access loggers using the listener's global scope can cause a use-after-free crash when the listener is drained. This issue can be triggered by a listener discovery service (LDS) update with the same gRPC access log configuration.", title: "Vulnerability description", }, { category: "summary", text: "envoy: gRPC access log crash caused by the listener draining", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35942", }, { category: "external", summary: "RHBZ#2217978", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217978", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35942", url: "https://www.cve.org/CVERecord?id=CVE-2023-35942", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35942", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35942", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: gRPC access log crash caused by the listener draining", }, { cve: "CVE-2023-35943", discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217987", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy. Suppose an origin header is configured to be removed with request_headers_to_remove: origin. The CORS filter will segfault and crash Envoy when the origin header is removed and deleted between decodeHeaders and encodeHeaders.", title: "Vulnerability description", }, { category: "summary", text: "envoy: CORS filter segfault when origin header is removed", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35943", }, { category: "external", summary: "RHBZ#2217987", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217987", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35943", url: "https://www.cve.org/CVERecord?id=CVE-2023-35943", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35943", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35943", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: CORS filter segfault when origin header is removed", }, { cve: "CVE-2023-35944", cwe: { id: "CWE-178", name: "Improper Handling of Case Sensitivity", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217985", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy that allows for mixed-case schemes in HTTP/2. However, some internal scheme checks in Envoy are case-sensitive, leading to incorrect handling of requests and responses with mixed case schemes. For example, if a request with a mixed scheme HTTP is sent to the OAuth2 filter, it will fail the exact-match checks for HTTP and inform the remote endpoint the scheme is HTTP, thus potentially bypassing OAuth2 checks specific to HTTP requests.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Incorrect handling of HTTP requests and responses with mixed case schemes", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35944", }, { category: "external", summary: "RHBZ#2217985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35944", url: "https://www.cve.org/CVERecord?id=CVE-2023-35944", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35944", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35944", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: Incorrect handling of HTTP requests and responses with mixed case schemes", }, { acknowledgments: [ { names: [ "Yan Avlasov", ], organization: "Google", }, ], cve: "CVE-2023-35945", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217983", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, where a specifically crafted response from an untrusted upstream service can cause a denial of service through memory exhaustion. This issue is caused by Envoy’s HTTP/2 codec, which may leak a header map and bookkeeping structures upon receiving RST_STREAM immediately, followed by the GOAWAY frames from an upstream server.", title: "Vulnerability description", }, { category: "summary", text: "envoy: HTTP/2 memory leak in nghttp2 codec", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35945", }, { category: "external", summary: "RHBZ#2217983", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217983", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35945", url: "https://www.cve.org/CVERecord?id=CVE-2023-35945", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35945", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35945", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r", }, ], release_date: "2023-07-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: HTTP/2 memory leak in nghttp2 codec", }, ], }
RHSA-2023:5174
Vulnerability from csaf_redhat
Published
2023-09-14 17:33
Modified
2025-03-19 20:15
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.3 security update
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.4.3
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
This advisory covers container images for the release.
Security Fix(es):
* envoy: gRPC access log crash caused by the listener draining (CVE-2023-35942)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh Containers for 2.4.3\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.\n\nThis advisory covers container images for the release.\n\nSecurity Fix(es):\n\n* envoy: gRPC access log crash caused by the listener draining (CVE-2023-35942)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5174", url: "https://access.redhat.com/errata/RHSA-2023:5174", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2217978", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217978", }, { category: "external", summary: "OSSM-1182", url: "https://issues.redhat.com/browse/OSSM-1182", }, { category: "external", summary: "OSSM-3508", url: "https://issues.redhat.com/browse/OSSM-3508", }, { category: "external", summary: "OSSM-3979", url: "https://issues.redhat.com/browse/OSSM-3979", }, { category: "external", summary: "OSSM-4247", url: "https://issues.redhat.com/browse/OSSM-4247", }, { category: "external", summary: "OSSM-4461", url: "https://issues.redhat.com/browse/OSSM-4461", }, { category: "external", summary: "OSSM-4491", url: "https://issues.redhat.com/browse/OSSM-4491", }, { category: "external", summary: "OSSM-4559", url: "https://issues.redhat.com/browse/OSSM-4559", }, { category: "external", summary: "OSSM-4627", url: "https://issues.redhat.com/browse/OSSM-4627", }, { category: "external", summary: "OSSM-4705", url: "https://issues.redhat.com/browse/OSSM-4705", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5174.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.3 security update", tracking: { current_release_date: "2025-03-19T20:15:37+00:00", generator: { date: "2025-03-19T20:15:37+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2023:5174", initial_release_date: "2023-09-14T17:33:40+00:00", revision_history: [ { date: "2023-09-14T17:33:40+00:00", number: "1", summary: "Initial version", }, { date: "2023-09-14T17:33:40+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-19T20:15:37+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.4 for RHEL 8", product: { name: "RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.4::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.3-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.3-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.4.3-13", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.3-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.3-2", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.3-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.3-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.4.3-13", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.3-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.3-2", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.3-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", product_id: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.3-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.4.3-13", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.3-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.3-2", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.3-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.3-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.4.3-13", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.3-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.3-2", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, ], }, vulnerabilities: [ { cve: "CVE-2023-35942", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217978", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, where gRPC access loggers using the listener's global scope can cause a use-after-free crash when the listener is drained. This issue can be triggered by a listener discovery service (LDS) update with the same gRPC access log configuration.", title: "Vulnerability description", }, { category: "summary", text: "envoy: gRPC access log crash caused by the listener draining", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", ], known_not_affected: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35942", }, { category: "external", summary: "RHBZ#2217978", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217978", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35942", url: "https://www.cve.org/CVERecord?id=CVE-2023-35942", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35942", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35942", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-09-14T17:33:40+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5174", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: gRPC access log crash caused by the listener draining", }, ], }
RHSA-2023:4624
Vulnerability from csaf_redhat
Published
2023-08-11 16:47
Modified
2024-11-23 00:01
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.6 security update
Notes
Topic
Red Hat OpenShift Service Mesh 2.3.6 Containers
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
Security Fix(es):
* envoy: OAuth2 credentials exploit with permanent validity (CVE-2023-35941)
* envoy: Incorrect handling of HTTP requests and responses with mixed case schemes (CVE-2023-35944)
* envoy: HTTP/2 memory leak in nghttp2 codec (CVE-2023-35945)
* envoy: gRPC access log crash caused by the listener draining (CVE-2023-35942)
* envoy: CORS filter segfault when origin header is removed (CVE-2023-35943)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh 2.3.6 Containers\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* envoy: OAuth2 credentials exploit with permanent validity (CVE-2023-35941)\n\n* envoy: Incorrect handling of HTTP requests and responses with mixed case schemes (CVE-2023-35944)\n\n* envoy: HTTP/2 memory leak in nghttp2 codec (CVE-2023-35945)\n\n* envoy: gRPC access log crash caused by the listener draining (CVE-2023-35942)\n\n* envoy: CORS filter segfault when origin header is removed (CVE-2023-35943)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:4624", url: "https://access.redhat.com/errata/RHSA-2023:4624", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2217977", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217977", }, { category: "external", summary: "2217978", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217978", }, { category: "external", summary: "2217983", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217983", }, { category: "external", summary: "2217985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217985", }, { category: "external", summary: "2217987", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217987", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4624.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.6 security update", tracking: { current_release_date: "2024-11-23T00:01:31+00:00", generator: { date: "2024-11-23T00:01:31+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2023:4624", initial_release_date: "2023-08-11T16:47:28+00:00", revision_history: [ { date: "2023-08-11T16:47:28+00:00", number: "1", summary: "Initial version", }, { date: "2023-08-11T16:47:28+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-23T00:01:31+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.3 for RHEL 8", product: { name: "RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.3::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", product: { name: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", product_id: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", product_identification_helper: { purl: "pkg:oci/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.3.6-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.3.6-1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", product: { name: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", product_id: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", product_identification_helper: { purl: "pkg:oci/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.3.6-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.3.6-1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", product: { name: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", product_id: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", product_identification_helper: { purl: "pkg:oci/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.3.6-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.3.6-1", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", }, product_reference: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", }, product_reference: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", }, product_reference: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, ], }, vulnerabilities: [ { cve: "CVE-2023-35941", cwe: { id: "CWE-303", name: "Incorrect Implementation of Authentication Algorithm", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217977", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, where a malicious client can construct credentials with permanent validity in a specific scenario. This issue is caused by some rare scenarios, such as the combination of host and expiration time, in which the HMAC payload can always be valid in the OAuth2 filter's HMAC check.", title: "Vulnerability description", }, { category: "summary", text: "envoy: OAuth2 credentials exploit with permanent validity", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35941", }, { category: "external", summary: "RHBZ#2217977", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217977", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35941", url: "https://www.cve.org/CVERecord?id=CVE-2023-35941", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35941", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35941", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: OAuth2 credentials exploit with permanent validity", }, { cve: "CVE-2023-35942", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217978", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, where gRPC access loggers using the listener's global scope can cause a use-after-free crash when the listener is drained. This issue can be triggered by a listener discovery service (LDS) update with the same gRPC access log configuration.", title: "Vulnerability description", }, { category: "summary", text: "envoy: gRPC access log crash caused by the listener draining", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35942", }, { category: "external", summary: "RHBZ#2217978", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217978", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35942", url: "https://www.cve.org/CVERecord?id=CVE-2023-35942", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35942", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35942", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: gRPC access log crash caused by the listener draining", }, { cve: "CVE-2023-35943", discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217987", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy. Suppose an origin header is configured to be removed with request_headers_to_remove: origin. The CORS filter will segfault and crash Envoy when the origin header is removed and deleted between decodeHeaders and encodeHeaders.", title: "Vulnerability description", }, { category: "summary", text: "envoy: CORS filter segfault when origin header is removed", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35943", }, { category: "external", summary: "RHBZ#2217987", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217987", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35943", url: "https://www.cve.org/CVERecord?id=CVE-2023-35943", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35943", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35943", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: CORS filter segfault when origin header is removed", }, { cve: "CVE-2023-35944", cwe: { id: "CWE-178", name: "Improper Handling of Case Sensitivity", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217985", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy that allows for mixed-case schemes in HTTP/2. However, some internal scheme checks in Envoy are case-sensitive, leading to incorrect handling of requests and responses with mixed case schemes. For example, if a request with a mixed scheme HTTP is sent to the OAuth2 filter, it will fail the exact-match checks for HTTP and inform the remote endpoint the scheme is HTTP, thus potentially bypassing OAuth2 checks specific to HTTP requests.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Incorrect handling of HTTP requests and responses with mixed case schemes", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35944", }, { category: "external", summary: "RHBZ#2217985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35944", url: "https://www.cve.org/CVERecord?id=CVE-2023-35944", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35944", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35944", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: Incorrect handling of HTTP requests and responses with mixed case schemes", }, { acknowledgments: [ { names: [ "Yan Avlasov", ], organization: "Google", }, ], cve: "CVE-2023-35945", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217983", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, where a specifically crafted response from an untrusted upstream service can cause a denial of service through memory exhaustion. This issue is caused by Envoy’s HTTP/2 codec, which may leak a header map and bookkeeping structures upon receiving RST_STREAM immediately, followed by the GOAWAY frames from an upstream server.", title: "Vulnerability description", }, { category: "summary", text: "envoy: HTTP/2 memory leak in nghttp2 codec", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35945", }, { category: "external", summary: "RHBZ#2217983", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217983", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35945", url: "https://www.cve.org/CVERecord?id=CVE-2023-35945", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35945", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35945", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r", }, ], release_date: "2023-07-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: HTTP/2 memory leak in nghttp2 codec", }, ], }
rhsa-2023_5174
Vulnerability from csaf_redhat
Published
2023-09-14 17:33
Modified
2024-11-23 00:01
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.3 security update
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.4.3
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
This advisory covers container images for the release.
Security Fix(es):
* envoy: gRPC access log crash caused by the listener draining (CVE-2023-35942)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh Containers for 2.4.3\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.\n\nThis advisory covers container images for the release.\n\nSecurity Fix(es):\n\n* envoy: gRPC access log crash caused by the listener draining (CVE-2023-35942)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5174", url: "https://access.redhat.com/errata/RHSA-2023:5174", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2217978", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217978", }, { category: "external", summary: "OSSM-1182", url: "https://issues.redhat.com/browse/OSSM-1182", }, { category: "external", summary: "OSSM-3508", url: "https://issues.redhat.com/browse/OSSM-3508", }, { category: "external", summary: "OSSM-3979", url: "https://issues.redhat.com/browse/OSSM-3979", }, { category: "external", summary: "OSSM-4247", url: "https://issues.redhat.com/browse/OSSM-4247", }, { category: "external", summary: "OSSM-4461", url: "https://issues.redhat.com/browse/OSSM-4461", }, { category: "external", summary: "OSSM-4491", url: "https://issues.redhat.com/browse/OSSM-4491", }, { category: "external", summary: "OSSM-4559", url: "https://issues.redhat.com/browse/OSSM-4559", }, { category: "external", summary: "OSSM-4627", url: "https://issues.redhat.com/browse/OSSM-4627", }, { category: "external", summary: "OSSM-4705", url: "https://issues.redhat.com/browse/OSSM-4705", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5174.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.3 security update", tracking: { current_release_date: "2024-11-23T00:01:47+00:00", generator: { date: "2024-11-23T00:01:47+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2023:5174", initial_release_date: "2023-09-14T17:33:40+00:00", revision_history: [ { date: "2023-09-14T17:33:40+00:00", number: "1", summary: "Initial version", }, { date: "2023-09-14T17:33:40+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-23T00:01:47+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.4 for RHEL 8", product: { name: "RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.4::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.3-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.3-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.4.3-13", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.3-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.3-2", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.3-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.3-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.4.3-13", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.3-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.3-2", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.3-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", product_id: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.3-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.4.3-13", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.3-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.3-2", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.4.3-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", product: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", product_id: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator&tag=1.65.8-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.4.3-5", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", product: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", product_id: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", product_identification_helper: { purl: "pkg:oci/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator&tag=2.4.3-13", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.4.3-9", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.4.3-7", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.4.3-2", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", }, product_reference: "openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64 as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", relates_to_product_reference: "8Base-RHOSSM-2.4", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x as a component of RHOSSM 2.4 for RHEL 8", product_id: "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", relates_to_product_reference: "8Base-RHOSSM-2.4", }, ], }, vulnerabilities: [ { cve: "CVE-2023-35942", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217978", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, where gRPC access loggers using the listener's global scope can cause a use-after-free crash when the listener is drained. This issue can be triggered by a listener discovery service (LDS) update with the same gRPC access log configuration.", title: "Vulnerability description", }, { category: "summary", text: "envoy: gRPC access log crash caused by the listener draining", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", ], known_not_affected: [ "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:1d0373ca090a91b1a26add051c668b4db7986db066ba36f792b94731d9d63a22_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6bc7fe98083324fb541ad4b02866ffee094721fc51ea0410041902ca1d8fc010_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:6def5c25ebf96a413a8b39a1f89525c9285c47015c33937c05f17da4751d7053_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:f039122ba1713d257d600c686fc1ab0989eeb8cdff81a3f0cb4b3c07c9f68864_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:15400b87ddb1e5c33554278802d57b8422aa88de29a3c64aa9b4452d450a87a6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:2fa3223cd2ce127dcf1f2f374647671e88b0648420e03f68c2bc93103020e50b_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:b033af42b9c4b0c688f7af4fa98d57e2f66f973ab8627c08527eae8f9c58f892_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:c20e558ab91554c579178f9088f7a691acb557b2fc7528cf8e0768852c57e5b4_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1a7d34f4ae3c3629c1840491379145fa0553f53c4d1dcdcbaceaf3c536d815b6_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:3b89915f208b61fdc8630e3ad54050a60576b40331eac8d88fe432aa5f667021_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:c9291488f6c8d374af2bd4b144ded86507e0c89c0f41be47206d9565f670db12_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e14e1b3d5cf1dec91ee2621c2e1b80401c30d349434bd26fb8a276cc0224942e_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:036cf16e38c98408aa8de30da0dbc159902a9e12c5a7463707436e2fd94e6215_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:72b732762519ad5ec504166b58a15dc5974f6250fc565f16dce98e3c9dfa0f3a_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:77c14339c06bf33f56cb7a33a1812186b3c025c6234d8574f8eafb0b9dee7072_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/istio-rhel8-operator@sha256:fed31e6b657f93e080acc90fd05c5bcaf79170eecfd0fd35a7396a6d679866f6_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:047d78c2e420a442611554fd22684bd1138c2599817741323773e314c43008dc_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:6c4fbfe75338e0715d02ba69388ad8c492807962222ff0e8d9ca9ebb9b7fc214_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:b01d3ef882f26764a5cfd2375bbe3e42778ca80158264e4e45297ebe0adedeb7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8-operator@sha256:fa63641d22e2701dd06a96e09479e8d313df8d479bc1bbdbd230851eed47717a_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:93e94afa56baa1c81b81d935e62fd0c568d65a3ed5130e1d8ddf265d93c906d7_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:956e949073b90ed152c8041380bd3c9fdc3865c593f25fb063cf7afa763e51d8_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:a9d8d6b1475eb8ab1aa61d7a76ec05ddccf3f6e0e511d22a3fba308eaf5a7504_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:d15b49cef4c2b96beec787e6a122cbbf567280cc37c30c6953f19a9e962b52c9_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:0b5dbe4ac53ef0a926d2f8438fdd64e148585974a9d436e78cdb7615211e8a0c_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:4c2e2efc201a2cdc167071e6001c52404ae15ced1b777cb1462c79c6b1cda0bd_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:88e4a906a7337289043e01fc6fcbc68de65fabf2ccbe10aa166fda3488847c4d_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:b75907822356c05807fa0939775c74b428cf995b03f04bb298b143ddcadffc28_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:12a1e1ef1210f3cd50f0c82a0ce02101c188edde8e713d0dde88ea6f1396b479_ppc64le", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:3a75674bd2adf66e1aae0461c0c89681b453dc6b5fa4496f090252cee2300136_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:495eb5b0225e22d9ce2c8b71584513b0c1323ec208d2022735aac6d6397a68ad_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ce5904e6563fef477ed2d7fd8fb5d98843ed3304d5bfb0a898ca1e8553aa7516_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35942", }, { category: "external", summary: "RHBZ#2217978", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217978", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35942", url: "https://www.cve.org/CVERecord?id=CVE-2023-35942", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35942", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35942", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-09-14T17:33:40+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5174", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:356a674c259edaa6c8699e1459c168cb97d2b400b633993818abed80f78cb455_arm64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:45c30dca9e3f5687a3f333d29daacc8548f3f733981bc17f58c1411d844991ec_s390x", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:be864a665faeb9f907667061792a91ba196ca38bbc634e225a04ad1da0e243c5_amd64", "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:c13a1e17ed0549f7ce739f789821ff793a61e2d23b697fb4a956dd08102be9bd_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: gRPC access log crash caused by the listener draining", }, ], }
rhsa-2023_4624
Vulnerability from csaf_redhat
Published
2023-08-11 16:47
Modified
2024-11-23 00:01
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.6 security update
Notes
Topic
Red Hat OpenShift Service Mesh 2.3.6 Containers
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
Security Fix(es):
* envoy: OAuth2 credentials exploit with permanent validity (CVE-2023-35941)
* envoy: Incorrect handling of HTTP requests and responses with mixed case schemes (CVE-2023-35944)
* envoy: HTTP/2 memory leak in nghttp2 codec (CVE-2023-35945)
* envoy: gRPC access log crash caused by the listener draining (CVE-2023-35942)
* envoy: CORS filter segfault when origin header is removed (CVE-2023-35943)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh 2.3.6 Containers\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* envoy: OAuth2 credentials exploit with permanent validity (CVE-2023-35941)\n\n* envoy: Incorrect handling of HTTP requests and responses with mixed case schemes (CVE-2023-35944)\n\n* envoy: HTTP/2 memory leak in nghttp2 codec (CVE-2023-35945)\n\n* envoy: gRPC access log crash caused by the listener draining (CVE-2023-35942)\n\n* envoy: CORS filter segfault when origin header is removed (CVE-2023-35943)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:4624", url: "https://access.redhat.com/errata/RHSA-2023:4624", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2217977", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217977", }, { category: "external", summary: "2217978", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217978", }, { category: "external", summary: "2217983", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217983", }, { category: "external", summary: "2217985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217985", }, { category: "external", summary: "2217987", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217987", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4624.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.6 security update", tracking: { current_release_date: "2024-11-23T00:01:31+00:00", generator: { date: "2024-11-23T00:01:31+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2023:4624", initial_release_date: "2023-08-11T16:47:28+00:00", revision_history: [ { date: "2023-08-11T16:47:28+00:00", number: "1", summary: "Initial version", }, { date: "2023-08-11T16:47:28+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-23T00:01:31+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.3 for RHEL 8", product: { name: "RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.3::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", product: { name: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", product_id: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", product_identification_helper: { purl: "pkg:oci/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.3.6-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.3.6-1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", product: { name: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", product_id: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", product_identification_helper: { purl: "pkg:oci/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.3.6-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.3.6-1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", product: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", product_id: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", product_identification_helper: { purl: "pkg:oci/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.3.6-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", product: { name: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", product_id: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", product_identification_helper: { purl: "pkg:oci/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8&tag=2.3.6-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.3.6-4", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.3.6-1", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", }, product_reference: "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", }, product_reference: "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", }, product_reference: "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", }, product_reference: "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64 as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", relates_to_product_reference: "8Base-RHOSSM-2.3", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x as a component of RHOSSM 2.3 for RHEL 8", product_id: "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", relates_to_product_reference: "8Base-RHOSSM-2.3", }, ], }, vulnerabilities: [ { cve: "CVE-2023-35941", cwe: { id: "CWE-303", name: "Incorrect Implementation of Authentication Algorithm", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217977", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, where a malicious client can construct credentials with permanent validity in a specific scenario. This issue is caused by some rare scenarios, such as the combination of host and expiration time, in which the HMAC payload can always be valid in the OAuth2 filter's HMAC check.", title: "Vulnerability description", }, { category: "summary", text: "envoy: OAuth2 credentials exploit with permanent validity", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35941", }, { category: "external", summary: "RHBZ#2217977", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217977", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35941", url: "https://www.cve.org/CVERecord?id=CVE-2023-35941", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35941", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35941", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: OAuth2 credentials exploit with permanent validity", }, { cve: "CVE-2023-35942", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217978", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, where gRPC access loggers using the listener's global scope can cause a use-after-free crash when the listener is drained. This issue can be triggered by a listener discovery service (LDS) update with the same gRPC access log configuration.", title: "Vulnerability description", }, { category: "summary", text: "envoy: gRPC access log crash caused by the listener draining", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35942", }, { category: "external", summary: "RHBZ#2217978", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217978", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35942", url: "https://www.cve.org/CVERecord?id=CVE-2023-35942", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35942", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35942", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: gRPC access log crash caused by the listener draining", }, { cve: "CVE-2023-35943", discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217987", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy. Suppose an origin header is configured to be removed with request_headers_to_remove: origin. The CORS filter will segfault and crash Envoy when the origin header is removed and deleted between decodeHeaders and encodeHeaders.", title: "Vulnerability description", }, { category: "summary", text: "envoy: CORS filter segfault when origin header is removed", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35943", }, { category: "external", summary: "RHBZ#2217987", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217987", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35943", url: "https://www.cve.org/CVERecord?id=CVE-2023-35943", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35943", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35943", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "envoy: CORS filter segfault when origin header is removed", }, { cve: "CVE-2023-35944", cwe: { id: "CWE-178", name: "Improper Handling of Case Sensitivity", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217985", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy that allows for mixed-case schemes in HTTP/2. However, some internal scheme checks in Envoy are case-sensitive, leading to incorrect handling of requests and responses with mixed case schemes. For example, if a request with a mixed scheme HTTP is sent to the OAuth2 filter, it will fail the exact-match checks for HTTP and inform the remote endpoint the scheme is HTTP, thus potentially bypassing OAuth2 checks specific to HTTP requests.", title: "Vulnerability description", }, { category: "summary", text: "envoy: Incorrect handling of HTTP requests and responses with mixed case schemes", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35944", }, { category: "external", summary: "RHBZ#2217985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35944", url: "https://www.cve.org/CVERecord?id=CVE-2023-35944", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35944", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35944", }, ], release_date: "2023-07-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: Incorrect handling of HTTP requests and responses with mixed case schemes", }, { acknowledgments: [ { names: [ "Yan Avlasov", ], organization: "Google", }, ], cve: "CVE-2023-35945", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-06-27T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2217983", }, ], notes: [ { category: "description", text: "A flaw was found in Envoy, where a specifically crafted response from an untrusted upstream service can cause a denial of service through memory exhaustion. This issue is caused by Envoy’s HTTP/2 codec, which may leak a header map and bookkeeping structures upon receiving RST_STREAM immediately, followed by the GOAWAY frames from an upstream server.", title: "Vulnerability description", }, { category: "summary", text: "envoy: HTTP/2 memory leak in nghttp2 codec", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], known_not_affected: [ "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x", "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-35945", }, { category: "external", summary: "RHBZ#2217983", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2217983", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-35945", url: "https://www.cve.org/CVERecord?id=CVE-2023-35945", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-35945", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-35945", }, { category: "external", summary: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r", }, ], release_date: "2023-07-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-08-11T16:47:28+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:4624", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le", "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "envoy: HTTP/2 memory leak in nghttp2 codec", }, ], }
fkie_cve-2023-35942
Vulnerability from fkie_nvd
Published
2023-07-25 19:15
Modified
2024-11-21 08:09
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| envoyproxy | envoy | * | |
| envoyproxy | envoy | * | |
| envoyproxy | envoy | * | |
| envoyproxy | envoy | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*", matchCriteriaId: "588736F6-2FDC-4CF7-AFFA-7CFE16ED6EC6", versionEndExcluding: "1.23.12", versionStartIncluding: "1.23.0", vulnerable: true, }, { criteria: "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*", matchCriteriaId: "D8412E60-1C2F-4764-94F5-563FAA297466", versionEndExcluding: "1.24.10", versionStartIncluding: "1.24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*", matchCriteriaId: "0EC8FEB8-BB13-443C-8905-30B03F8F52E6", versionEndExcluding: "1.25.9", versionStartIncluding: "1.25.0", vulnerable: true, }, { criteria: "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*", matchCriteriaId: "DA35F763-2810-4231-B5A9-93310BF7B765", versionEndExcluding: "1.26.4", versionStartIncluding: "1.26.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.", }, ], id: "CVE-2023-35942", lastModified: "2024-11-21T08:09:01.420", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-07-25T19:15:11.050", references: [ { source: "security-advisories@github.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "security-advisories@github.com", type: "Primary", }, ], }
gsd-2023-35942
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.
Aliases
Aliases
{ GSD: { alias: "CVE-2023-35942", id: "GSD-2023-35942", }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2023-35942", ], details: "Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.", id: "GSD-2023-35942", modified: "2023-12-13T01:20:45.961689Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2023-35942", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "envoy", version: { version_data: [ { version_affected: "=", version_value: ">= 1.26.0, < 1.26.4", }, { version_affected: "=", version_value: ">= 1.25.0, < 1.25.9", }, { version_affected: "=", version_value: ">= 1.24.0, < 1.24.10", }, { version_affected: "=", version_value: "< 1.23.12", }, ], }, }, ], }, vendor_name: "envoyproxy", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.", }, ], }, impact: { cvss: [ { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], }, problemtype: { problemtype_data: [ { description: [ { cweId: "CWE-416", lang: "eng", value: "CWE-416: Use After Free", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4", refsource: "MISC", url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4", }, ], }, source: { advisory: "GHSA-69vr-g55c-v2v4", discovery: "UNKNOWN", }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.24.10", versionStartIncluding: "1.24.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.25.9", versionStartIncluding: "1.25.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.26.4", versionStartIncluding: "1.26.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.23.12", versionStartIncluding: "1.23.0", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2023-35942", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-416", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4", refsource: "MISC", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4", }, ], }, }, impact: { baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, }, }, lastModifiedDate: "2023-08-02T18:36Z", publishedDate: "2023-07-25T19:15Z", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.