RHSA-2026:33123
Vulnerability from csaf_redhat - Published: 2026-06-29 14:40 - Updated: 2026-06-29 18:45Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.10
Severity
Important
Notes
Topic: Red Hat OpenShift Service Mesh 3.1.10
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Service Mesh 3.1.10, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.
Security Fix(es):
* CVE-2026-39820 openshift-golang-builder-container: Go net/mail: Denial of Service via crafted email inputs (OSSM-14266)
* CVE-2026-42499 openshift-golang-builder-container: net/mail: Denial of Service via pathological email address parsing (OSSM-14501)
* CVE-2026-33814 openshift-golang-builder-container: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame (OSSM-14549)
* CVE-2026-33811 openshift-golang-builder-container: Go net package: Denial of Service via long CNAME response in LookupCNAME (OSSM-14562)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64 | — |
Workaround
|
Threats
Impact
Important
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh 3.1.10\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh 3.1.10, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.\n\nSecurity Fix(es):\n\n* CVE-2026-39820 openshift-golang-builder-container: Go net/mail: Denial of Service via crafted email inputs (OSSM-14266)\n* CVE-2026-42499 openshift-golang-builder-container: net/mail: Denial of Service via pathological email address parsing (OSSM-14501)\n* CVE-2026-33814 openshift-golang-builder-container: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame (OSSM-14549)\n* CVE-2026-33811 openshift-golang-builder-container: Go net package: Denial of Service via long CNAME response in LookupCNAME (OSSM-14562)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:33123",
"url": "https://access.redhat.com/errata/RHSA-2026:33123"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33814",
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33123.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.10",
"tracking": {
"current_release_date": "2026-06-29T18:45:40+00:00",
"generator": {
"date": "2026-06-29T18:45:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.2.6"
}
},
"id": "RHSA-2026:33123",
"initial_release_date": "2026-06-29T14:40:31+00:00",
"revision_history": [
{
"date": "2026-06-29T14:40:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-29T14:40:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-29T18:45:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.1",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-sail-operator-bundle@sha256%3A0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle\u0026tag=1782301303"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222163"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222367"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222451"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Ade940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223138"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782222394"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9\u0026tag=1782223665"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222163"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222367"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222451"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223138"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Ab6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782222394"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Aa09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9\u0026tag=1782223665"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222163"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3Ac2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222367"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Ad613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222451"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223138"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782222394"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9\u0026tag=1782223665"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222163"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222367"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222451"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Aa6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223138"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782222394"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Ace2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9\u0026tag=1782223665"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:40:31+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.10 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33123"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-33814",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:11.324941+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important denial of service flaw in the Go HTTP/2 protocol implementation allows a remote, unauthenticated attacker to exhaust system resources. By sending a specially crafted HTTP/2 SETTINGS frame with a zero-value SETTINGS_MAX_FRAME_SIZE, the vulnerable Go library enters an infinite loop, impacting the availability of services utilizing HTTP/2.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "RHBZ#2467815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33814",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33814"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814"
},
{
"category": "external",
"summary": "https://go.dev/cl/761581",
"url": "https://go.dev/cl/761581"
},
{
"category": "external",
"summary": "https://go.dev/cl/761640",
"url": "https://go.dev/cl/761640"
},
{
"category": "external",
"summary": "https://go.dev/issue/78476",
"url": "https://go.dev/issue/78476"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4918",
"url": "https://pkg.go.dev/vuln/GO-2026-4918"
}
],
"release_date": "2026-05-07T19:41:17.631000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:40:31+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.10 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33123"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame"
},
{
"cve": "CVE-2026-39820",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:27.800929+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "RHBZ#2467820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://go.dev/cl/759940",
"url": "https://go.dev/cl/759940"
},
{
"category": "external",
"summary": "https://go.dev/issue/78566",
"url": "https://go.dev/issue/78566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4986",
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"release_date": "2026-05-07T19:41:19.854000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:40:31+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.10 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33123"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
},
{
"cve": "CVE-2026-42499",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2026-05-07T20:00:51.685602+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "RHBZ#2467809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://go.dev/cl/771520",
"url": "https://go.dev/cl/771520"
},
{
"category": "external",
"summary": "https://go.dev/issue/78987",
"url": "https://go.dev/issue/78987"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4977",
"url": "https://pkg.go.dev/vuln/GO-2026-4977"
}
],
"release_date": "2026-05-07T19:41:18.615000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:40:31+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.10 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33123"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…