RHSA-2026:33120
Vulnerability from csaf_redhat - Published: 2026-06-29 14:23 - Updated: 2026-06-29 18:45Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.0.13
Severity
Important
Notes
Topic: Red Hat OpenShift Service Mesh 3.0.13
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Service Mesh 3.0.13, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.
Security Fix(es):
* CVE-2026-39820 openshift-golang-builder-container: Go net/mail: Denial of Service via crafted email inputs (OSSM-14269)
* CVE-2026-42499 openshift-golang-builder-container: net/mail: Denial of Service via pathological email address parsing (OSSM-14500)
* CVE-2026-33814 openshift-golang-builder-container: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame (OSSM-14548)
* CVE-2026-33811 openshift-golang-builder-container: Go net package: Denial of Service via long CNAME response in LookupCNAME (OSSM-14564)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64 | — |
Workaround
|
Threats
Impact
Important
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh 3.0.13\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh 3.0.13, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.\n\nSecurity Fix(es):\n\n* CVE-2026-39820 openshift-golang-builder-container: Go net/mail: Denial of Service via crafted email inputs (OSSM-14269)\n* CVE-2026-42499 openshift-golang-builder-container: net/mail: Denial of Service via pathological email address parsing (OSSM-14500)\n* CVE-2026-33814 openshift-golang-builder-container: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame (OSSM-14548)\n* CVE-2026-33811 openshift-golang-builder-container: Go net package: Denial of Service via long CNAME response in LookupCNAME (OSSM-14564)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:33120",
"url": "https://access.redhat.com/errata/RHSA-2026:33120"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33814",
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33120.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.0.13",
"tracking": {
"current_release_date": "2026-06-29T18:45:40+00:00",
"generator": {
"date": "2026-06-29T18:45:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.2.6"
}
},
"id": "RHSA-2026:33120",
"initial_release_date": "2026-06-29T14:23:25+00:00",
"revision_history": [
{
"date": "2026-06-29T14:23:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-29T14:23:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-29T18:45:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.0",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-sail-operator-bundle@sha256%3A19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle\u0026tag=1782301456"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3Abb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222217"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222514"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222607"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Af473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782296193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9\u0026tag=1782223469"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3Ab994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222217"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3Ae71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222514"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Ae1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222607"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Aa1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782296193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Aec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9\u0026tag=1782223469"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222217"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3Aa6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222514"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222607"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782296193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Ac77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9\u0026tag=1782223469"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222217"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3Aee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222514"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222607"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Abdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Ae24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782296193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Ac1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9\u0026tag=1782223469"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:23:25+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.0.13 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33120"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-33814",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:11.324941+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important denial of service flaw in the Go HTTP/2 protocol implementation allows a remote, unauthenticated attacker to exhaust system resources. By sending a specially crafted HTTP/2 SETTINGS frame with a zero-value SETTINGS_MAX_FRAME_SIZE, the vulnerable Go library enters an infinite loop, impacting the availability of services utilizing HTTP/2.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "RHBZ#2467815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33814",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33814"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814"
},
{
"category": "external",
"summary": "https://go.dev/cl/761581",
"url": "https://go.dev/cl/761581"
},
{
"category": "external",
"summary": "https://go.dev/cl/761640",
"url": "https://go.dev/cl/761640"
},
{
"category": "external",
"summary": "https://go.dev/issue/78476",
"url": "https://go.dev/issue/78476"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4918",
"url": "https://pkg.go.dev/vuln/GO-2026-4918"
}
],
"release_date": "2026-05-07T19:41:17.631000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:23:25+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.0.13 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33120"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame"
},
{
"cve": "CVE-2026-39820",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:27.800929+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "RHBZ#2467820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://go.dev/cl/759940",
"url": "https://go.dev/cl/759940"
},
{
"category": "external",
"summary": "https://go.dev/issue/78566",
"url": "https://go.dev/issue/78566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4986",
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"release_date": "2026-05-07T19:41:19.854000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:23:25+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.0.13 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33120"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
},
{
"cve": "CVE-2026-42499",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2026-05-07T20:00:51.685602+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "RHBZ#2467809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://go.dev/cl/771520",
"url": "https://go.dev/cl/771520"
},
{
"category": "external",
"summary": "https://go.dev/issue/78987",
"url": "https://go.dev/issue/78987"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4977",
"url": "https://pkg.go.dev/vuln/GO-2026-4977"
}
],
"release_date": "2026-05-07T19:41:18.615000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:23:25+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.0.13 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33120"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…