Action not permitted
Modal body text goes here.
cve-2024-32475
Vulnerability from cvelistv5
Published
2024-04-18 14:18
Modified
2024-08-02 02:13
Severity ?
EPSS score ?
Summary
Envoy RELEASE_ASSERT using auto_sni with :authority header > 255 bytes
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| envoyproxy | envoy |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "envoy",
"vendor": "envoyproxy",
"versions": [
{
"lessThan": "1.27.5",
"status": "affected",
"version": "1.13.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32475",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-23T19:38:07.050413Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:51:20.709Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:13:39.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj"
},
{
"name": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "envoy",
"vendor": "envoyproxy",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.30.0, \u003c 11.30.1"
},
{
"status": "affected",
"version": "\u003e= 1.29.0, \u003c 1.29.4"
},
{
"status": "affected",
"version": "\u003e= 1.28.0, \u003c 1.28.3"
},
{
"status": "affected",
"version": "\u003e= 1.13.0, \u003c 1.27.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with `auto_sni` enabled, a request containing a `host`/`:authority` header longer than 255 characters triggers an abnormal termination of Envoy process. Envoy does not gracefully handle an error when setting SNI for outbound TLS connection. The error can occur when Envoy attempts to use the `host`/`:authority` header value longer than 255 characters as SNI for outbound TLS connection. SNI length is limited to 255 characters per the standard. Envoy always expects this operation to succeed and abnormally aborts the process when it fails. This vulnerability is fixed in 1.30.1, 1.29.4, 1.28.3, and 1.27.5.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-253",
"description": "CWE-253: Incorrect Check of Function Return Value",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-617",
"description": "CWE-617: Reachable Assertion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-18T14:18:18.947Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj"
},
{
"name": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382"
}
],
"source": {
"advisory": "GHSA-3mh5-6q8v-25wj",
"discovery": "UNKNOWN"
},
"title": "Envoy RELEASE_ASSERT using auto_sni with :authority header \u003e 255 bytes"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-32475",
"datePublished": "2024-04-18T14:18:18.947Z",
"dateReserved": "2024-04-12T19:41:51.167Z",
"dateUpdated": "2024-08-02T02:13:39.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-32475\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-04-18T15:15:30.670\",\"lastModified\":\"2024-04-18T18:25:55.267\",\"vulnStatus\":\"Awaiting Analysis\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with `auto_sni` enabled, a request containing a `host`/`:authority` header longer than 255 characters triggers an abnormal termination of Envoy process. Envoy does not gracefully handle an error when setting SNI for outbound TLS connection. The error can occur when Envoy attempts to use the `host`/`:authority` header value longer than 255 characters as SNI for outbound TLS connection. SNI length is limited to 255 characters per the standard. Envoy always expects this operation to succeed and abnormally aborts the process when it fails. This vulnerability is fixed in 1.30.1, 1.29.4, 1.28.3, and 1.27.5.\\n\"},{\"lang\":\"es\",\"value\":\"Envoy es un proxy de servicio y borde de c\u00f3digo abierto, nativo de la nube. Cuando se utiliza un cl\u00faster TLS ascendente con `auto_sni` habilitado, una solicitud que contiene un encabezado `host`/`:authority` de m\u00e1s de 255 caracteres desencadena una terminaci\u00f3n anormal del proceso de Envoy. Envoy no maneja correctamente un error al configurar SNI para la conexi\u00f3n TLS saliente. El error puede ocurrir cuando Envoy intenta usar el valor del encabezado `host`/`:authority` de m\u00e1s de 255 caracteres como SNI para la conexi\u00f3n TLS saliente. La longitud del SNI est\u00e1 limitada a 255 caracteres seg\u00fan el est\u00e1ndar. Envoy siempre espera que esta operaci\u00f3n tenga \u00e9xito y aborta el proceso de forma anormal cuando falla. Esta vulnerabilidad se solucion\u00f3 en 1.30.1, 1.29.4, 1.28.3 y 1.27.5.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-253\"},{\"lang\":\"en\",\"value\":\"CWE-617\"}]}],\"references\":[{\"url\":\"https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj\",\"source\":\"security-advisories@github.com\"}]}}"
}
}
rhsa-2024_7724
Vulnerability from csaf_redhat
Published
2024-10-07 09:22
Modified
2024-11-13 21:16
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.11
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.4.11
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* envoy: abnormal termination when using auto_sni with authority header longer than 255 characters (CVE-2024-32475)
* envoy: Brotli decompressor infinite loop (CVE-2024-32976)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.4.11\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* envoy: abnormal termination when using auto_sni with authority header longer than 255 characters (CVE-2024-32475)\n* envoy: Brotli decompressor infinite loop (CVE-2024-32976)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7724",
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7724.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.11",
"tracking": {
"current_release_date": "2024-11-13T21:16:30+00:00",
"generator": {
"date": "2024-11-13T21:16:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2024:7724",
"initial_release_date": "2024-10-07T09:22:37+00:00",
"revision_history": [
{
"date": "2024-10-07T09:22:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T09:22:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-13T21:16:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.4 for RHEL 8",
"product": {
"name": "RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-32475",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2024-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2276149"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with \"auto_sni\" enabled, a request containing a \"host/:authority\" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32475"
},
{
"category": "external",
"summary": "RHBZ#2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32475",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32475"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382",
"url": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj"
}
],
"release_date": "2024-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters"
},
{
"cve": "CVE-2024-32976",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2283145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy\u0027s Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Brotli decompressor infinite loop",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32976"
},
{
"category": "external",
"summary": "RHBZ#2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: Brotli decompressor infinite loop"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
}
]
}
rhsa-2024_7725
Vulnerability from csaf_redhat
Published
2024-10-07 09:24
Modified
2024-11-13 21:16
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.5
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.5.5
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule
(CVE-2024-43788)
* envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode (CVE-2024-23326)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* envoy: Brotli decompressor infinite loop (CVE-2024-32976)
* envoy: abnormal termination when using auto_sni with authority header longer
than 255 characters (CVE-2024-32475)
* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.5.5\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule\n(CVE-2024-43788)\n* envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode (CVE-2024-23326)\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* envoy: Brotli decompressor infinite loop (CVE-2024-32976)\n* envoy: abnormal termination when using auto_sni with authority header longer\nthan 255 characters (CVE-2024-32475)\n* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7725",
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2259228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259228"
},
{
"category": "external",
"summary": "2272986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272986"
},
{
"category": "external",
"summary": "2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2313683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313683"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7725.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.5",
"tracking": {
"current_release_date": "2024-11-13T21:16:20+00:00",
"generator": {
"date": "2024-11-13T21:16:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2024:7725",
"initial_release_date": "2024-10-07T09:24:53+00:00",
"revision_history": [
{
"date": "2024-10-07T09:24:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T09:24:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-13T21:16:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.5 for RHEL 8",
"product": {
"name": "RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-23326",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2024-01-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2259228"
}
],
"notes": [
{
"category": "description",
"text": "A possible request smuggling vulnerability exists through Envoy. This issue occurs if a server can be tricked into adding an upgrade header into a response.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-23326"
},
{
"category": "external",
"summary": "RHBZ#2259228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259228"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-23326",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23326"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23326",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23326"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode"
},
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2024-30255",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"discovery_date": "2024-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272986"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in how Envoy Proxy implements the HTTP/2 codec. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers, which could use up compute resources to cause a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Moderate, in alignment with upstream Envoy. The worst case scenario is excessive CPU utilization causing a denial of service. Once an attack has ended, the system should return to normal operations on its own.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-30255"
},
{
"category": "external",
"summary": "RHBZ#2272986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272986"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-30255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30255"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-30255",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30255"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood"
},
{
"cve": "CVE-2024-32475",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2024-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2276149"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with \"auto_sni\" enabled, a request containing a \"host/:authority\" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32475"
},
{
"category": "external",
"summary": "RHBZ#2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32475",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32475"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382",
"url": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj"
}
],
"release_date": "2024-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters"
},
{
"cve": "CVE-2024-32976",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2283145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy\u0027s Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Brotli decompressor infinite loop",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32976"
},
{
"category": "external",
"summary": "RHBZ#2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: Brotli decompressor infinite loop"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"acknowledgments": [
{
"names": [
"Mike Whale"
]
},
{
"names": [
"James Force"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-45806",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"discovery_date": "2024-09-20T00:40:20.976812+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313683"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Envoy that allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy\u0027s default configuration of internal trust boundaries, which considers all RFC1918 private address ranges as internal. The default behavior for handling internal addresses in Envoy has been changed. Previously, RFC1918 IP addresses were automatically considered internal, even if the internal_address_config was empty. The default configuration of Envoy will continue to trust internal addresses while in this release and it will not trust them by default in next release. If you have tooling such as probes on your private network which need to be treated as trusted such as changing arbitrary x-envoy headers, please explicitly include those addresses or CIDR ranges into `internal_address_config`. Successful exploitation could allow attackers to bypass security controls, access sensitive data, or disrupt services within the mesh, like Istio.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Potential to manipulate `x-envoy` headers from external sources",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat\u0027s CVSS score and impact are specific to our product and may not match those of upstream. This is due to how envoy is configured and used within our OpenShift Service Mesh product.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45806"
},
{
"category": "external",
"summary": "RHBZ#2313683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45806",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45806"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf"
}
],
"release_date": "2024-09-20T00:15:02.293000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by configuring envoy to treat all IPs as external. This is done by setting the internal_address_config range for envoy to `0.0.0.0/32`.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Potential to manipulate `x-envoy` headers from external sources"
}
]
}
gsd-2024-32475
Vulnerability from gsd
Modified
2024-04-13 05:02
Details
Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with `auto_sni` enabled, a request containing a `host`/`:authority` header longer than 255 characters triggers an abnormal termination of Envoy process. Envoy does not gracefully handle an error when setting SNI for outbound TLS connection. The error can occur when Envoy attempts to use the `host`/`:authority` header value longer than 255 characters as SNI for outbound TLS connection. SNI length is limited to 255 characters per the standard. Envoy always expects this operation to succeed and abnormally aborts the process when it fails. This vulnerability is fixed in 1.30.1, 1.29.4, 1.28.3, and 1.27.5.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-32475"
],
"details": "Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with `auto_sni` enabled, a request containing a `host`/`:authority` header longer than 255 characters triggers an abnormal termination of Envoy process. Envoy does not gracefully handle an error when setting SNI for outbound TLS connection. The error can occur when Envoy attempts to use the `host`/`:authority` header value longer than 255 characters as SNI for outbound TLS connection. SNI length is limited to 255 characters per the standard. Envoy always expects this operation to succeed and abnormally aborts the process when it fails. This vulnerability is fixed in 1.30.1, 1.29.4, 1.28.3, and 1.27.5.\n",
"id": "GSD-2024-32475",
"modified": "2024-04-13T05:02:29.105695Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2024-32475",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "envoy",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "\u003e= 1.30.0, \u003c 11.30.1"
},
{
"version_affected": "=",
"version_value": "\u003e= 1.29.0, \u003c 1.29.4"
},
{
"version_affected": "=",
"version_value": "\u003e= 1.28.0, \u003c 1.28.3"
},
{
"version_affected": "=",
"version_value": "\u003e= 1.13.0, \u003c 1.27.5"
}
]
}
}
]
},
"vendor_name": "envoyproxy"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with `auto_sni` enabled, a request containing a `host`/`:authority` header longer than 255 characters triggers an abnormal termination of Envoy process. Envoy does not gracefully handle an error when setting SNI for outbound TLS connection. The error can occur when Envoy attempts to use the `host`/`:authority` header value longer than 255 characters as SNI for outbound TLS connection. SNI length is limited to 255 characters per the standard. Envoy always expects this operation to succeed and abnormally aborts the process when it fails. This vulnerability is fixed in 1.30.1, 1.29.4, 1.28.3, and 1.27.5.\n"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-253",
"lang": "eng",
"value": "CWE-253: Incorrect Check of Function Return Value"
}
]
},
{
"description": [
{
"cweId": "CWE-617",
"lang": "eng",
"value": "CWE-617: Reachable Assertion"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj",
"refsource": "MISC",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj"
},
{
"name": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382",
"refsource": "MISC",
"url": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382"
}
]
},
"source": {
"advisory": "GHSA-3mh5-6q8v-25wj",
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with `auto_sni` enabled, a request containing a `host`/`:authority` header longer than 255 characters triggers an abnormal termination of Envoy process. Envoy does not gracefully handle an error when setting SNI for outbound TLS connection. The error can occur when Envoy attempts to use the `host`/`:authority` header value longer than 255 characters as SNI for outbound TLS connection. SNI length is limited to 255 characters per the standard. Envoy always expects this operation to succeed and abnormally aborts the process when it fails. This vulnerability is fixed in 1.30.1, 1.29.4, 1.28.3, and 1.27.5.\n"
}
],
"id": "CVE-2024-32475",
"lastModified": "2024-04-18T18:25:55.267",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2024-04-18T15:15:30.670",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-253"
},
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
}
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.