cve-2024-53270
Vulnerability from cvelistv5
Published
2024-12-18 19:12
Modified
2024-12-18 21:35
Summary
Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions, `sendOverloadError` assumes the active request exists when `envoy.load_shed_points.http1_server_abort_dispatch` is configured. If `active_request` is nullptr, only `onMessageBeginImpl()` is called. However, `onMessageBeginImpl` will directly return ok status if the stream is already reset, leading to the nullptr reference. The downstream reset can actually happen during the H/2 upstream reset. As a result, Envoy may crash. This issue has been addressed in releases 1.32.3, 1.31.5, 1.30.9, and 1.29.12. Users are advised to upgrade. Users unable to upgrade may disable the `http1_server_abort_dispatch` load shed point and/or use a high threshold.
Impacted products
Vendor | Product | Affected versions
---|---|---
envoyproxy | envoy | >= 1.32.0, < 1.32.3
envoyproxy | envoy | >= 1.31.0, < 1.31.5
envoyproxy | envoy | >= 1.30.0, < 1.30.9
envoyproxy | envoy | < 1.29.12
rhsa-2025:1053
Vulnerability from csaf_redhat
Published
2025-02-05 09:04
Modified
2025-02-20 11:27
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.5
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.6.5
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* openshift-istio-proxyv2-rhel9-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
* openshift-istio-proxyv2-rhel9-container: HTTP/1: sending overload crashes when the request is reset beforehand in envoy (CVE-2024-53270)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
"product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:3662eb6f48d73e10cf0ee60b1f9d04239ef1d3a34790f61b6ebce8c3df48c647_arm64", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:3662eb6f48d73e10cf0ee60b1f9d04239ef1d3a34790f61b6ebce8c3df48c647_arm64", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:3662eb6f48d73e10cf0ee60b1f9d04239ef1d3a34790f61b6ebce8c3df48c647?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.5-5" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel9@sha256:0a683b2ba99f9ae04d00adc10ca10838a7419cc59680973b269dfb0460adb9e4_arm64", "product": { "name": "openshift-service-mesh/proxyv2-rhel9@sha256:0a683b2ba99f9ae04d00adc10ca10838a7419cc59680973b269dfb0460adb9e4_arm64", "product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:0a683b2ba99f9ae04d00adc10ca10838a7419cc59680973b269dfb0460adb9e4_arm64", "product_identification_helper": { "purl": "pkg:oci/proxyv2-rhel9@sha256:0a683b2ba99f9ae04d00adc10ca10838a7419cc59680973b269dfb0460adb9e4?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.5-4" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:c474ed1c8d85da0a4c34323952adae97de1a7013a70c88d537a85330d12f0f14_arm64", "product": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:c474ed1c8d85da0a4c34323952adae97de1a7013a70c88d537a85330d12f0f14_arm64", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:c474ed1c8d85da0a4c34323952adae97de1a7013a70c88d537a85330d12f0f14_arm64", "product_identification_helper": { "purl": "pkg:oci/ratelimit-rhel8@sha256:c474ed1c8d85da0a4c34323952adae97de1a7013a70c88d537a85330d12f0f14?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.5-3" } } } ], "category": "architecture", "name": "arm64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { 
"category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:2bffc415df35731fc8bf5e34f219af3361f04ade837a0550df518abf695ee46c_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:2bffc415df35731fc8bf5e34f219af3361f04ade837a0550df518abf695ee46c_arm64" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:2bffc415df35731fc8bf5e34f219af3361f04ade837a0550df518abf695ee46c_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:38d3a3a54dba67b98bf1014d4c7f931f14ab6eb0d1bccbbb6024fca83213677a_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:38d3a3a54dba67b98bf1014d4c7f931f14ab6eb0d1bccbbb6024fca83213677a_amd64" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:38d3a3a54dba67b98bf1014d4c7f931f14ab6eb0d1bccbbb6024fca83213677a_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:4c75fe4eabbf82411c0740987cec2367ce084dda94ce28ba1d7ade3319aa5f8e_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4c75fe4eabbf82411c0740987cec2367ce084dda94ce28ba1d7ade3319aa5f8e_ppc64le" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:4c75fe4eabbf82411c0740987cec2367ce084dda94ce28ba1d7ade3319aa5f8e_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:7aea9c6b666f46e667c707fe9a66eed6c00fae5c65e43e53c945ce2da851a5d4_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": 
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:7aea9c6b666f46e667c707fe9a66eed6c00fae5c65e43e53c945ce2da851a5d4_s390x" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:7aea9c6b666f46e667c707fe9a66eed6c00fae5c65e43e53c945ce2da851a5d4_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:27143727b7647d7f4619b3e84f878661e3ec26bc950b2e9aaf4ec879703296f6_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:27143727b7647d7f4619b3e84f878661e3ec26bc950b2e9aaf4ec879703296f6_s390x" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:27143727b7647d7f4619b3e84f878661e3ec26bc950b2e9aaf4ec879703296f6_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:99fda7d1da8ef52c571d9910cc721a3f02e3a116d3aaf6a81688c0f5540f82aa_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:99fda7d1da8ef52c571d9910cc721a3f02e3a116d3aaf6a81688c0f5540f82aa_arm64" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:99fda7d1da8ef52c571d9910cc721a3f02e3a116d3aaf6a81688c0f5540f82aa_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:ccb928a71eb1d818ac9fde5dd320ef27eedb4d456e8f0feb544f54a5b8c6c446_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:ccb928a71eb1d818ac9fde5dd320ef27eedb4d456e8f0feb544f54a5b8c6c446_amd64" }, "product_reference": 
"openshift-service-mesh/istio-cni-rhel8@sha256:ccb928a71eb1d818ac9fde5dd320ef27eedb4d456e8f0feb544f54a5b8c6c446_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:f74c3fa5d45e3feb5564ac7398db5b890dfd66c4a53dda89365f801bab0dc321_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:f74c3fa5d45e3feb5564ac7398db5b890dfd66c4a53dda89365f801bab0dc321_ppc64le" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:f74c3fa5d45e3feb5564ac7398db5b890dfd66c4a53dda89365f801bab0dc321_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:11e46e4f45b8ad08c456bdc62ffc03f5f165767ff6b1f99a3afed1568963e537_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:11e46e4f45b8ad08c456bdc62ffc03f5f165767ff6b1f99a3afed1568963e537_arm64" }, "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:11e46e4f45b8ad08c456bdc62ffc03f5f165767ff6b1f99a3afed1568963e537_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9b1d5bcb7b84f327a7a97a7d2274ae6e092e6851c43981de573e499a7e6ed4f8_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9b1d5bcb7b84f327a7a97a7d2274ae6e092e6851c43981de573e499a7e6ed4f8_amd64" }, "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9b1d5bcb7b84f327a7a97a7d2274ae6e092e6851c43981de573e499a7e6ed4f8_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", 
"full_product_name": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9f17587bd624e2c4626868dba1684788a871432e79672ce6ac4c767e9daf467c_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9f17587bd624e2c4626868dba1684788a871432e79672ce6ac4c767e9daf467c_s390x" }, "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9f17587bd624e2c4626868dba1684788a871432e79672ce6ac4c767e9daf467c_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:b3cd238cbf0f4bfbcd16bbda3db4bd08ce07c3138134a756274e82cea5f6f2ed_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:b3cd238cbf0f4bfbcd16bbda3db4bd08ce07c3138134a756274e82cea5f6f2ed_ppc64le" }, "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:b3cd238cbf0f4bfbcd16bbda3db4bd08ce07c3138134a756274e82cea5f6f2ed_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-rhel8-operator@sha256:17d7ce53ba602d5b57736d053d6addb9b8482ddf67ca9a8311939da4e8e572d7_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:17d7ce53ba602d5b57736d053d6addb9b8482ddf67ca9a8311939da4e8e572d7_ppc64le" }, "product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:17d7ce53ba602d5b57736d053d6addb9b8482ddf67ca9a8311939da4e8e572d7_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-rhel8-operator@sha256:1d4393b6f23aed8fa602ba5a7a84aac74b7f479329f421c437164d4d27140e0a_arm64 as a component of RHOSSM 2.6 for RHEL 
8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:1d4393b6f23aed8fa602ba5a7a84aac74b7f479329f421c437164d4d27140e0a_arm64" }, "product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:1d4393b6f23aed8fa602ba5a7a84aac74b7f479329f421c437164d4d27140e0a_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-rhel8-operator@sha256:8b5e77faa4e1ab8ce301e17542c83b9dfcc1a66d3017950cd8077a4f8b2dfd52_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:8b5e77faa4e1ab8ce301e17542c83b9dfcc1a66d3017950cd8077a4f8b2dfd52_s390x" }, "product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:8b5e77faa4e1ab8ce301e17542c83b9dfcc1a66d3017950cd8077a4f8b2dfd52_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-rhel8-operator@sha256:9901c1664f58699e647886558827ef5ab55435612ea1ddc3705f179a79b71dc8_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:9901c1664f58699e647886558827ef5ab55435612ea1ddc3705f179a79b71dc8_amd64" }, "product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:9901c1664f58699e647886558827ef5ab55435612ea1ddc3705f179a79b71dc8_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:3d9688136c8717bbabc864cb76f32ad1157c124a8697de5de0e46fb108e2df69_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:3d9688136c8717bbabc864cb76f32ad1157c124a8697de5de0e46fb108e2df69_s390x" }, "product_reference": 
"openshift-service-mesh/kiali-rhel8-operator@sha256:3d9688136c8717bbabc864cb76f32ad1157c124a8697de5de0e46fb108e2df69_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:45a73246c86ff695296ebf00995972fbbc2a6bf9b6280458282dbbf6de03217f_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:45a73246c86ff695296ebf00995972fbbc2a6bf9b6280458282dbbf6de03217f_ppc64le" }, "product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:45a73246c86ff695296ebf00995972fbbc2a6bf9b6280458282dbbf6de03217f_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:743e781d7bd11e87ea366cc163b043e63af3156ae952d4e6299122ac40aa9044_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:743e781d7bd11e87ea366cc163b043e63af3156ae952d4e6299122ac40aa9044_arm64" }, "product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:743e781d7bd11e87ea366cc163b043e63af3156ae952d4e6299122ac40aa9044_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:ec6b91b982f44f02e0d648349ee9e3c754890b8c6b40aaf9ebfc08f473c6b142_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:ec6b91b982f44f02e0d648349ee9e3c754890b8c6b40aaf9ebfc08f473c6b142_amd64" }, "product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:ec6b91b982f44f02e0d648349ee9e3c754890b8c6b40aaf9ebfc08f473c6b142_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", 
"full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:11ca93a83d46cac87819c0954275ff70fb2c0e6c7e405d318260d86811e976c9_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:11ca93a83d46cac87819c0954275ff70fb2c0e6c7e405d318260d86811e976c9_amd64" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:11ca93a83d46cac87819c0954275ff70fb2c0e6c7e405d318260d86811e976c9_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:3662eb6f48d73e10cf0ee60b1f9d04239ef1d3a34790f61b6ebce8c3df48c647_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:3662eb6f48d73e10cf0ee60b1f9d04239ef1d3a34790f61b6ebce8c3df48c647_arm64" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:3662eb6f48d73e10cf0ee60b1f9d04239ef1d3a34790f61b6ebce8c3df48c647_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:a73dac520994a16210c9ee453d94d866f891fdcad2e1aae65711001b2c4c1792_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a73dac520994a16210c9ee453d94d866f891fdcad2e1aae65711001b2c4c1792_s390x" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:a73dac520994a16210c9ee453d94d866f891fdcad2e1aae65711001b2c4c1792_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:e68637f9c9b6dbd757fcc4ed66a95c46db7e41e05f985d298fbd11ece4ba0faf_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": 
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:e68637f9c9b6dbd757fcc4ed66a95c46db7e41e05f985d298fbd11ece4ba0faf_ppc64le" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:e68637f9c9b6dbd757fcc4ed66a95c46db7e41e05f985d298fbd11ece4ba0faf_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:24229a95c3bf9ee95d6ebe9f030e199dfbace10f62092f8c68211801783e3cf1_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:24229a95c3bf9ee95d6ebe9f030e199dfbace10f62092f8c68211801783e3cf1_amd64" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:24229a95c3bf9ee95d6ebe9f030e199dfbace10f62092f8c68211801783e3cf1_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:41eafde00a00e93dabfcd06233bbd98f3d356a847d340c15787be589c36fa626_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:41eafde00a00e93dabfcd06233bbd98f3d356a847d340c15787be589c36fa626_s390x" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:41eafde00a00e93dabfcd06233bbd98f3d356a847d340c15787be589c36fa626_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:c474ed1c8d85da0a4c34323952adae97de1a7013a70c88d537a85330d12f0f14_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c474ed1c8d85da0a4c34323952adae97de1a7013a70c88d537a85330d12f0f14_arm64" }, "product_reference": 
"openshift-service-mesh/ratelimit-rhel8@sha256:c474ed1c8d85da0a4c34323952adae97de1a7013a70c88d537a85330d12f0f14_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:ce883b511662d315086b71975d98c6caa9132ccae742340a3a0250ba427df6c0_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ce883b511662d315086b71975d98c6caa9132ccae742340a3a0250ba427df6c0_ppc64le" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:ce883b511662d315086b71975d98c6caa9132ccae742340a3a0250ba427df6c0_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel9@sha256:09872d4af948c4c42d8bc659d9d16ad76217b92afbfabe8954772b82532328e7_s390x as a component of RHOSSM 2.6 for RHEL 9", "product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:09872d4af948c4c42d8bc659d9d16ad76217b92afbfabe8954772b82532328e7_s390x" }, "product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:09872d4af948c4c42d8bc659d9d16ad76217b92afbfabe8954772b82532328e7_s390x", "relates_to_product_reference": "9Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel9@sha256:0a683b2ba99f9ae04d00adc10ca10838a7419cc59680973b269dfb0460adb9e4_arm64 as a component of RHOSSM 2.6 for RHEL 9", "product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:0a683b2ba99f9ae04d00adc10ca10838a7419cc59680973b269dfb0460adb9e4_arm64" }, "product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:0a683b2ba99f9ae04d00adc10ca10838a7419cc59680973b269dfb0460adb9e4_arm64", "relates_to_product_reference": "9Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift-service-mesh/proxyv2-rhel9@sha256:1f964be7b9b9471ab45d556098d6e7286eb4aa66e0702ab0a0b9b6c5a07bc479_ppc64le as a component of RHOSSM 2.6 for RHEL 9", "product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:1f964be7b9b9471ab45d556098d6e7286eb4aa66e0702ab0a0b9b6c5a07bc479_ppc64le" }, "product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:1f964be7b9b9471ab45d556098d6e7286eb4aa66e0702ab0a0b9b6c5a07bc479_ppc64le", "relates_to_product_reference": "9Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel9@sha256:69f9f8cb19f4ef7d531b32e6cd824af3198aad5e01364e045676edd27147f83e_amd64 as a component of RHOSSM 2.6 for RHEL 9", "product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:69f9f8cb19f4ef7d531b32e6cd824af3198aad5e01364e045676edd27147f83e_amd64" }, "product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:69f9f8cb19f4ef7d531b32e6cd824af3198aad5e01364e045676edd27147f83e_amd64", "relates_to_product_reference": "9Base-RHOSSM-2.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-45338", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2024-12-18T21:00:59.938173+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:2bffc415df35731fc8bf5e34f219af3361f04ade837a0550df518abf695ee46c_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:38d3a3a54dba67b98bf1014d4c7f931f14ab6eb0d1bccbbb6024fca83213677a_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4c75fe4eabbf82411c0740987cec2367ce084dda94ce28ba1d7ade3319aa5f8e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:7aea9c6b666f46e667c707fe9a66eed6c00fae5c65e43e53c945ce2da851a5d4_s390x", 
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:27143727b7647d7f4619b3e84f878661e3ec26bc950b2e9aaf4ec879703296f6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:99fda7d1da8ef52c571d9910cc721a3f02e3a116d3aaf6a81688c0f5540f82aa_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:ccb928a71eb1d818ac9fde5dd320ef27eedb4d456e8f0feb544f54a5b8c6c446_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:f74c3fa5d45e3feb5564ac7398db5b890dfd66c4a53dda89365f801bab0dc321_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:11e46e4f45b8ad08c456bdc62ffc03f5f165767ff6b1f99a3afed1568963e537_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9b1d5bcb7b84f327a7a97a7d2274ae6e092e6851c43981de573e499a7e6ed4f8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9f17587bd624e2c4626868dba1684788a871432e79672ce6ac4c767e9daf467c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:b3cd238cbf0f4bfbcd16bbda3db4bd08ce07c3138134a756274e82cea5f6f2ed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:17d7ce53ba602d5b57736d053d6addb9b8482ddf67ca9a8311939da4e8e572d7_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:1d4393b6f23aed8fa602ba5a7a84aac74b7f479329f421c437164d4d27140e0a_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:8b5e77faa4e1ab8ce301e17542c83b9dfcc1a66d3017950cd8077a4f8b2dfd52_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:9901c1664f58699e647886558827ef5ab55435612ea1ddc3705f179a79b71dc8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:3d9688136c8717bbabc864cb76f32ad1157c124a8697de5de0e46fb108e2df69_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:45a73246c86ff695296ebf00995972fbbc2a6bf9b6280458282dbbf6de03217f_ppc64le", 
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:743e781d7bd11e87ea366cc163b043e63af3156ae952d4e6299122ac40aa9044_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:ec6b91b982f44f02e0d648349ee9e3c754890b8c6b40aaf9ebfc08f473c6b142_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:11ca93a83d46cac87819c0954275ff70fb2c0e6c7e405d318260d86811e976c9_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:3662eb6f48d73e10cf0ee60b1f9d04239ef1d3a34790f61b6ebce8c3df48c647_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a73dac520994a16210c9ee453d94d866f891fdcad2e1aae65711001b2c4c1792_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:e68637f9c9b6dbd757fcc4ed66a95c46db7e41e05f985d298fbd11ece4ba0faf_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:24229a95c3bf9ee95d6ebe9f030e199dfbace10f62092f8c68211801783e3cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:41eafde00a00e93dabfcd06233bbd98f3d356a847d340c15787be589c36fa626_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c474ed1c8d85da0a4c34323952adae97de1a7013a70c88d537a85330d12f0f14_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ce883b511662d315086b71975d98c6caa9132ccae742340a3a0250ba427df6c0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2333122" } ], "notes": [ { "category": "description", "text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. 
This issue can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:09872d4af948c4c42d8bc659d9d16ad76217b92afbfabe8954772b82532328e7_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:0a683b2ba99f9ae04d00adc10ca10838a7419cc59680973b269dfb0460adb9e4_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:1f964be7b9b9471ab45d556098d6e7286eb4aa66e0702ab0a0b9b6c5a07bc479_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:69f9f8cb19f4ef7d531b32e6cd824af3198aad5e01364e045676edd27147f83e_amd64" ], "known_not_affected": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:2bffc415df35731fc8bf5e34f219af3361f04ade837a0550df518abf695ee46c_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:38d3a3a54dba67b98bf1014d4c7f931f14ab6eb0d1bccbbb6024fca83213677a_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4c75fe4eabbf82411c0740987cec2367ce084dda94ce28ba1d7ade3319aa5f8e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:7aea9c6b666f46e667c707fe9a66eed6c00fae5c65e43e53c945ce2da851a5d4_s390x", 
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:27143727b7647d7f4619b3e84f878661e3ec26bc950b2e9aaf4ec879703296f6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:99fda7d1da8ef52c571d9910cc721a3f02e3a116d3aaf6a81688c0f5540f82aa_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:ccb928a71eb1d818ac9fde5dd320ef27eedb4d456e8f0feb544f54a5b8c6c446_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:f74c3fa5d45e3feb5564ac7398db5b890dfd66c4a53dda89365f801bab0dc321_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:11e46e4f45b8ad08c456bdc62ffc03f5f165767ff6b1f99a3afed1568963e537_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9b1d5bcb7b84f327a7a97a7d2274ae6e092e6851c43981de573e499a7e6ed4f8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9f17587bd624e2c4626868dba1684788a871432e79672ce6ac4c767e9daf467c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:b3cd238cbf0f4bfbcd16bbda3db4bd08ce07c3138134a756274e82cea5f6f2ed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:17d7ce53ba602d5b57736d053d6addb9b8482ddf67ca9a8311939da4e8e572d7_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:1d4393b6f23aed8fa602ba5a7a84aac74b7f479329f421c437164d4d27140e0a_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:8b5e77faa4e1ab8ce301e17542c83b9dfcc1a66d3017950cd8077a4f8b2dfd52_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:9901c1664f58699e647886558827ef5ab55435612ea1ddc3705f179a79b71dc8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:3d9688136c8717bbabc864cb76f32ad1157c124a8697de5de0e46fb108e2df69_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:45a73246c86ff695296ebf00995972fbbc2a6bf9b6280458282dbbf6de03217f_ppc64le", 
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:743e781d7bd11e87ea366cc163b043e63af3156ae952d4e6299122ac40aa9044_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:ec6b91b982f44f02e0d648349ee9e3c754890b8c6b40aaf9ebfc08f473c6b142_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:11ca93a83d46cac87819c0954275ff70fb2c0e6c7e405d318260d86811e976c9_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:3662eb6f48d73e10cf0ee60b1f9d04239ef1d3a34790f61b6ebce8c3df48c647_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a73dac520994a16210c9ee453d94d866f891fdcad2e1aae65711001b2c4c1792_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:e68637f9c9b6dbd757fcc4ed66a95c46db7e41e05f985d298fbd11ece4ba0faf_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:24229a95c3bf9ee95d6ebe9f030e199dfbace10f62092f8c68211801783e3cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:41eafde00a00e93dabfcd06233bbd98f3d356a847d340c15787be589c36fa626_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c474ed1c8d85da0a4c34323952adae97de1a7013a70c88d537a85330d12f0f14_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ce883b511662d315086b71975d98c6caa9132ccae742340a3a0250ba427df6c0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-45338" }, { "category": "external", "summary": "RHBZ#2333122", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45338" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338" }, { "category": "external", "summary": "https://go.dev/cl/637536", "url": 
"https://go.dev/cl/637536" }, { "category": "external", "summary": "https://go.dev/issue/70906", "url": "https://go.dev/issue/70906" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ", "url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2024-3333", "url": "https://pkg.go.dev/vuln/GO-2024-3333" } ], "release_date": "2024-12-18T20:38:22.660000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-02-05T09:04:18+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:09872d4af948c4c42d8bc659d9d16ad76217b92afbfabe8954772b82532328e7_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:0a683b2ba99f9ae04d00adc10ca10838a7419cc59680973b269dfb0460adb9e4_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:1f964be7b9b9471ab45d556098d6e7286eb4aa66e0702ab0a0b9b6c5a07bc479_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:69f9f8cb19f4ef7d531b32e6cd824af3198aad5e01364e045676edd27147f83e_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:1053" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ 
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:2bffc415df35731fc8bf5e34f219af3361f04ade837a0550df518abf695ee46c_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:38d3a3a54dba67b98bf1014d4c7f931f14ab6eb0d1bccbbb6024fca83213677a_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4c75fe4eabbf82411c0740987cec2367ce084dda94ce28ba1d7ade3319aa5f8e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:7aea9c6b666f46e667c707fe9a66eed6c00fae5c65e43e53c945ce2da851a5d4_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:27143727b7647d7f4619b3e84f878661e3ec26bc950b2e9aaf4ec879703296f6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:99fda7d1da8ef52c571d9910cc721a3f02e3a116d3aaf6a81688c0f5540f82aa_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:ccb928a71eb1d818ac9fde5dd320ef27eedb4d456e8f0feb544f54a5b8c6c446_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:f74c3fa5d45e3feb5564ac7398db5b890dfd66c4a53dda89365f801bab0dc321_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:11e46e4f45b8ad08c456bdc62ffc03f5f165767ff6b1f99a3afed1568963e537_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9b1d5bcb7b84f327a7a97a7d2274ae6e092e6851c43981de573e499a7e6ed4f8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9f17587bd624e2c4626868dba1684788a871432e79672ce6ac4c767e9daf467c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:b3cd238cbf0f4bfbcd16bbda3db4bd08ce07c3138134a756274e82cea5f6f2ed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:17d7ce53ba602d5b57736d053d6addb9b8482ddf67ca9a8311939da4e8e572d7_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:1d4393b6f23aed8fa602ba5a7a84aac74b7f479329f421c437164d4d27140e0a_arm64", 
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:8b5e77faa4e1ab8ce301e17542c83b9dfcc1a66d3017950cd8077a4f8b2dfd52_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:9901c1664f58699e647886558827ef5ab55435612ea1ddc3705f179a79b71dc8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:3d9688136c8717bbabc864cb76f32ad1157c124a8697de5de0e46fb108e2df69_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:45a73246c86ff695296ebf00995972fbbc2a6bf9b6280458282dbbf6de03217f_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:743e781d7bd11e87ea366cc163b043e63af3156ae952d4e6299122ac40aa9044_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:ec6b91b982f44f02e0d648349ee9e3c754890b8c6b40aaf9ebfc08f473c6b142_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:11ca93a83d46cac87819c0954275ff70fb2c0e6c7e405d318260d86811e976c9_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:3662eb6f48d73e10cf0ee60b1f9d04239ef1d3a34790f61b6ebce8c3df48c647_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a73dac520994a16210c9ee453d94d866f891fdcad2e1aae65711001b2c4c1792_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:e68637f9c9b6dbd757fcc4ed66a95c46db7e41e05f985d298fbd11ece4ba0faf_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:24229a95c3bf9ee95d6ebe9f030e199dfbace10f62092f8c68211801783e3cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:41eafde00a00e93dabfcd06233bbd98f3d356a847d340c15787be589c36fa626_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c474ed1c8d85da0a4c34323952adae97de1a7013a70c88d537a85330d12f0f14_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ce883b511662d315086b71975d98c6caa9132ccae742340a3a0250ba427df6c0_ppc64le", 
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:09872d4af948c4c42d8bc659d9d16ad76217b92afbfabe8954772b82532328e7_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:0a683b2ba99f9ae04d00adc10ca10838a7419cc59680973b269dfb0460adb9e4_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:1f964be7b9b9471ab45d556098d6e7286eb4aa66e0702ab0a0b9b6c5a07bc479_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:69f9f8cb19f4ef7d531b32e6cd824af3198aad5e01364e045676edd27147f83e_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html" }, { "cve": "CVE-2024-53270", "cwe": { "id": "CWE-670", "name": "Always-Incorrect Control Flow Implementation" }, "discovery_date": "2024-12-18T20:01:35.757440+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:2bffc415df35731fc8bf5e34f219af3361f04ade837a0550df518abf695ee46c_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:38d3a3a54dba67b98bf1014d4c7f931f14ab6eb0d1bccbbb6024fca83213677a_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4c75fe4eabbf82411c0740987cec2367ce084dda94ce28ba1d7ade3319aa5f8e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:7aea9c6b666f46e667c707fe9a66eed6c00fae5c65e43e53c945ce2da851a5d4_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:27143727b7647d7f4619b3e84f878661e3ec26bc950b2e9aaf4ec879703296f6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:99fda7d1da8ef52c571d9910cc721a3f02e3a116d3aaf6a81688c0f5540f82aa_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:ccb928a71eb1d818ac9fde5dd320ef27eedb4d456e8f0feb544f54a5b8c6c446_amd64", 
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:f74c3fa5d45e3feb5564ac7398db5b890dfd66c4a53dda89365f801bab0dc321_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:11e46e4f45b8ad08c456bdc62ffc03f5f165767ff6b1f99a3afed1568963e537_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9b1d5bcb7b84f327a7a97a7d2274ae6e092e6851c43981de573e499a7e6ed4f8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9f17587bd624e2c4626868dba1684788a871432e79672ce6ac4c767e9daf467c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:b3cd238cbf0f4bfbcd16bbda3db4bd08ce07c3138134a756274e82cea5f6f2ed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:17d7ce53ba602d5b57736d053d6addb9b8482ddf67ca9a8311939da4e8e572d7_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:1d4393b6f23aed8fa602ba5a7a84aac74b7f479329f421c437164d4d27140e0a_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:8b5e77faa4e1ab8ce301e17542c83b9dfcc1a66d3017950cd8077a4f8b2dfd52_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:9901c1664f58699e647886558827ef5ab55435612ea1ddc3705f179a79b71dc8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:3d9688136c8717bbabc864cb76f32ad1157c124a8697de5de0e46fb108e2df69_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:45a73246c86ff695296ebf00995972fbbc2a6bf9b6280458282dbbf6de03217f_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:743e781d7bd11e87ea366cc163b043e63af3156ae952d4e6299122ac40aa9044_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:ec6b91b982f44f02e0d648349ee9e3c754890b8c6b40aaf9ebfc08f473c6b142_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:11ca93a83d46cac87819c0954275ff70fb2c0e6c7e405d318260d86811e976c9_amd64", 
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:3662eb6f48d73e10cf0ee60b1f9d04239ef1d3a34790f61b6ebce8c3df48c647_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a73dac520994a16210c9ee453d94d866f891fdcad2e1aae65711001b2c4c1792_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:e68637f9c9b6dbd757fcc4ed66a95c46db7e41e05f985d298fbd11ece4ba0faf_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:24229a95c3bf9ee95d6ebe9f030e199dfbace10f62092f8c68211801783e3cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:41eafde00a00e93dabfcd06233bbd98f3d356a847d340c15787be589c36fa626_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c474ed1c8d85da0a4c34323952adae97de1a7013a70c88d537a85330d12f0f14_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ce883b511662d315086b71975d98c6caa9132ccae742340a3a0250ba427df6c0_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2333091" } ], "notes": [ { "category": "description", "text": "A flaw was found in Envoy. In systems where `http1_server_abort_dispatch` is configured, Envoy does not properly handle the control flow during H1 stream resets. This can trigger a null pointer error and lead to an application crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "envoy: HTTP/1: sending overload crashes when the request is reset beforehand in envoy", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability in Envoy Proxy is marked as important severity rather than moderate due to its ability to cause a null pointer dereference, leading to a complete crash of the proxy under specific conditions. As Envoy is commonly deployed in mission-critical roles such as a high-performance edge, middle, or service proxy, a crash can disrupt downstream and upstream communication, effectively bringing down services dependent on Envoy. 
The issue is exacerbated by its potential to occur during load shedding, a mechanism typically invoked during resource exhaustion, which is a critical time for maintaining service availability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:09872d4af948c4c42d8bc659d9d16ad76217b92afbfabe8954772b82532328e7_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:0a683b2ba99f9ae04d00adc10ca10838a7419cc59680973b269dfb0460adb9e4_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:1f964be7b9b9471ab45d556098d6e7286eb4aa66e0702ab0a0b9b6c5a07bc479_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:69f9f8cb19f4ef7d531b32e6cd824af3198aad5e01364e045676edd27147f83e_amd64" ], "known_not_affected": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:2bffc415df35731fc8bf5e34f219af3361f04ade837a0550df518abf695ee46c_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:38d3a3a54dba67b98bf1014d4c7f931f14ab6eb0d1bccbbb6024fca83213677a_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4c75fe4eabbf82411c0740987cec2367ce084dda94ce28ba1d7ade3319aa5f8e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:7aea9c6b666f46e667c707fe9a66eed6c00fae5c65e43e53c945ce2da851a5d4_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:27143727b7647d7f4619b3e84f878661e3ec26bc950b2e9aaf4ec879703296f6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:99fda7d1da8ef52c571d9910cc721a3f02e3a116d3aaf6a81688c0f5540f82aa_arm64", 
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:ccb928a71eb1d818ac9fde5dd320ef27eedb4d456e8f0feb544f54a5b8c6c446_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:f74c3fa5d45e3feb5564ac7398db5b890dfd66c4a53dda89365f801bab0dc321_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:11e46e4f45b8ad08c456bdc62ffc03f5f165767ff6b1f99a3afed1568963e537_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9b1d5bcb7b84f327a7a97a7d2274ae6e092e6851c43981de573e499a7e6ed4f8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9f17587bd624e2c4626868dba1684788a871432e79672ce6ac4c767e9daf467c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:b3cd238cbf0f4bfbcd16bbda3db4bd08ce07c3138134a756274e82cea5f6f2ed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:17d7ce53ba602d5b57736d053d6addb9b8482ddf67ca9a8311939da4e8e572d7_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:1d4393b6f23aed8fa602ba5a7a84aac74b7f479329f421c437164d4d27140e0a_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:8b5e77faa4e1ab8ce301e17542c83b9dfcc1a66d3017950cd8077a4f8b2dfd52_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:9901c1664f58699e647886558827ef5ab55435612ea1ddc3705f179a79b71dc8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:3d9688136c8717bbabc864cb76f32ad1157c124a8697de5de0e46fb108e2df69_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:45a73246c86ff695296ebf00995972fbbc2a6bf9b6280458282dbbf6de03217f_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:743e781d7bd11e87ea366cc163b043e63af3156ae952d4e6299122ac40aa9044_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:ec6b91b982f44f02e0d648349ee9e3c754890b8c6b40aaf9ebfc08f473c6b142_amd64", 
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:11ca93a83d46cac87819c0954275ff70fb2c0e6c7e405d318260d86811e976c9_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:3662eb6f48d73e10cf0ee60b1f9d04239ef1d3a34790f61b6ebce8c3df48c647_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a73dac520994a16210c9ee453d94d866f891fdcad2e1aae65711001b2c4c1792_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:e68637f9c9b6dbd757fcc4ed66a95c46db7e41e05f985d298fbd11ece4ba0faf_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:24229a95c3bf9ee95d6ebe9f030e199dfbace10f62092f8c68211801783e3cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:41eafde00a00e93dabfcd06233bbd98f3d356a847d340c15787be589c36fa626_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c474ed1c8d85da0a4c34323952adae97de1a7013a70c88d537a85330d12f0f14_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ce883b511662d315086b71975d98c6caa9132ccae742340a3a0250ba427df6c0_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-53270" }, { "category": "external", "summary": "RHBZ#2333091", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333091" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-53270", "url": "https://www.cve.org/CVERecord?id=CVE-2024-53270" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-53270", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53270" }, { "category": "external", "summary": "https://github.com/envoyproxy/envoy/pull/37743/commits/6cf8afda956ba67c9afad185b962325a5242ef02", "url": "https://github.com/envoyproxy/envoy/pull/37743/commits/6cf8afda956ba67c9afad185b962325a5242ef02" }, { "category": "external", "summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-q9qv-8j52-77p3", "url": 
"https://github.com/envoyproxy/envoy/security/advisories/GHSA-q9qv-8j52-77p3" } ], "release_date": "2024-12-18T19:12:18.775000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-02-05T09:04:18+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:09872d4af948c4c42d8bc659d9d16ad76217b92afbfabe8954772b82532328e7_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:0a683b2ba99f9ae04d00adc10ca10838a7419cc59680973b269dfb0460adb9e4_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:1f964be7b9b9471ab45d556098d6e7286eb4aa66e0702ab0a0b9b6c5a07bc479_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:69f9f8cb19f4ef7d531b32e6cd824af3198aad5e01364e045676edd27147f83e_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:1053" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:2bffc415df35731fc8bf5e34f219af3361f04ade837a0550df518abf695ee46c_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:38d3a3a54dba67b98bf1014d4c7f931f14ab6eb0d1bccbbb6024fca83213677a_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4c75fe4eabbf82411c0740987cec2367ce084dda94ce28ba1d7ade3319aa5f8e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:7aea9c6b666f46e667c707fe9a66eed6c00fae5c65e43e53c945ce2da851a5d4_s390x", 
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:27143727b7647d7f4619b3e84f878661e3ec26bc950b2e9aaf4ec879703296f6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:99fda7d1da8ef52c571d9910cc721a3f02e3a116d3aaf6a81688c0f5540f82aa_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:ccb928a71eb1d818ac9fde5dd320ef27eedb4d456e8f0feb544f54a5b8c6c446_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:f74c3fa5d45e3feb5564ac7398db5b890dfd66c4a53dda89365f801bab0dc321_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:11e46e4f45b8ad08c456bdc62ffc03f5f165767ff6b1f99a3afed1568963e537_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9b1d5bcb7b84f327a7a97a7d2274ae6e092e6851c43981de573e499a7e6ed4f8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9f17587bd624e2c4626868dba1684788a871432e79672ce6ac4c767e9daf467c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:b3cd238cbf0f4bfbcd16bbda3db4bd08ce07c3138134a756274e82cea5f6f2ed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:17d7ce53ba602d5b57736d053d6addb9b8482ddf67ca9a8311939da4e8e572d7_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:1d4393b6f23aed8fa602ba5a7a84aac74b7f479329f421c437164d4d27140e0a_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:8b5e77faa4e1ab8ce301e17542c83b9dfcc1a66d3017950cd8077a4f8b2dfd52_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:9901c1664f58699e647886558827ef5ab55435612ea1ddc3705f179a79b71dc8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:3d9688136c8717bbabc864cb76f32ad1157c124a8697de5de0e46fb108e2df69_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:45a73246c86ff695296ebf00995972fbbc2a6bf9b6280458282dbbf6de03217f_ppc64le", 
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:743e781d7bd11e87ea366cc163b043e63af3156ae952d4e6299122ac40aa9044_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:ec6b91b982f44f02e0d648349ee9e3c754890b8c6b40aaf9ebfc08f473c6b142_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:11ca93a83d46cac87819c0954275ff70fb2c0e6c7e405d318260d86811e976c9_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:3662eb6f48d73e10cf0ee60b1f9d04239ef1d3a34790f61b6ebce8c3df48c647_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a73dac520994a16210c9ee453d94d866f891fdcad2e1aae65711001b2c4c1792_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:e68637f9c9b6dbd757fcc4ed66a95c46db7e41e05f985d298fbd11ece4ba0faf_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:24229a95c3bf9ee95d6ebe9f030e199dfbace10f62092f8c68211801783e3cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:41eafde00a00e93dabfcd06233bbd98f3d356a847d340c15787be589c36fa626_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c474ed1c8d85da0a4c34323952adae97de1a7013a70c88d537a85330d12f0f14_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ce883b511662d315086b71975d98c6caa9132ccae742340a3a0250ba427df6c0_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:09872d4af948c4c42d8bc659d9d16ad76217b92afbfabe8954772b82532328e7_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:0a683b2ba99f9ae04d00adc10ca10838a7419cc59680973b269dfb0460adb9e4_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:1f964be7b9b9471ab45d556098d6e7286eb4aa66e0702ab0a0b9b6c5a07bc479_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:69f9f8cb19f4ef7d531b32e6cd824af3198aad5e01364e045676edd27147f83e_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", 
"availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:2bffc415df35731fc8bf5e34f219af3361f04ade837a0550df518abf695ee46c_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:38d3a3a54dba67b98bf1014d4c7f931f14ab6eb0d1bccbbb6024fca83213677a_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4c75fe4eabbf82411c0740987cec2367ce084dda94ce28ba1d7ade3319aa5f8e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:7aea9c6b666f46e667c707fe9a66eed6c00fae5c65e43e53c945ce2da851a5d4_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:27143727b7647d7f4619b3e84f878661e3ec26bc950b2e9aaf4ec879703296f6_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:99fda7d1da8ef52c571d9910cc721a3f02e3a116d3aaf6a81688c0f5540f82aa_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:ccb928a71eb1d818ac9fde5dd320ef27eedb4d456e8f0feb544f54a5b8c6c446_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:f74c3fa5d45e3feb5564ac7398db5b890dfd66c4a53dda89365f801bab0dc321_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:11e46e4f45b8ad08c456bdc62ffc03f5f165767ff6b1f99a3afed1568963e537_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9b1d5bcb7b84f327a7a97a7d2274ae6e092e6851c43981de573e499a7e6ed4f8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9f17587bd624e2c4626868dba1684788a871432e79672ce6ac4c767e9daf467c_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:b3cd238cbf0f4bfbcd16bbda3db4bd08ce07c3138134a756274e82cea5f6f2ed_ppc64le", 
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:17d7ce53ba602d5b57736d053d6addb9b8482ddf67ca9a8311939da4e8e572d7_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:1d4393b6f23aed8fa602ba5a7a84aac74b7f479329f421c437164d4d27140e0a_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:8b5e77faa4e1ab8ce301e17542c83b9dfcc1a66d3017950cd8077a4f8b2dfd52_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:9901c1664f58699e647886558827ef5ab55435612ea1ddc3705f179a79b71dc8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:3d9688136c8717bbabc864cb76f32ad1157c124a8697de5de0e46fb108e2df69_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:45a73246c86ff695296ebf00995972fbbc2a6bf9b6280458282dbbf6de03217f_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:743e781d7bd11e87ea366cc163b043e63af3156ae952d4e6299122ac40aa9044_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:ec6b91b982f44f02e0d648349ee9e3c754890b8c6b40aaf9ebfc08f473c6b142_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:11ca93a83d46cac87819c0954275ff70fb2c0e6c7e405d318260d86811e976c9_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:3662eb6f48d73e10cf0ee60b1f9d04239ef1d3a34790f61b6ebce8c3df48c647_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a73dac520994a16210c9ee453d94d866f891fdcad2e1aae65711001b2c4c1792_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:e68637f9c9b6dbd757fcc4ed66a95c46db7e41e05f985d298fbd11ece4ba0faf_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:24229a95c3bf9ee95d6ebe9f030e199dfbace10f62092f8c68211801783e3cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:41eafde00a00e93dabfcd06233bbd98f3d356a847d340c15787be589c36fa626_s390x", 
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c474ed1c8d85da0a4c34323952adae97de1a7013a70c88d537a85330d12f0f14_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ce883b511662d315086b71975d98c6caa9132ccae742340a3a0250ba427df6c0_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:09872d4af948c4c42d8bc659d9d16ad76217b92afbfabe8954772b82532328e7_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:0a683b2ba99f9ae04d00adc10ca10838a7419cc59680973b269dfb0460adb9e4_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:1f964be7b9b9471ab45d556098d6e7286eb4aa66e0702ab0a0b9b6c5a07bc479_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:69f9f8cb19f4ef7d531b32e6cd824af3198aad5e01364e045676edd27147f83e_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "envoy: HTTP/1: sending overload crashes when the request is reset beforehand in envoy" } ] }
fkie_cve-2024-53270
Vulnerability from fkie_nvd
Published
2024-12-18 20:15
Modified
2024-12-18 22:15
Summary
Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions `sendOverloadError` is going to assume the active request exists when `envoy.load_shed_points.http1_server_abort_dispatch` is configured. If `active_request` is nullptr, only onMessageBeginImpl() is called. However, the `onMessageBeginImpl` will directly return ok status if the stream is already reset leading to the nullptr reference. The downstream reset can actually happen during the H/2 upstream reset. As a result envoy may crash. This issue has been addressed in releases 1.32.3, 1.31.5, 1.30.9, and 1.29.12. Users are advised to upgrade. Users unable to upgrade may disable `http1_server_abort_dispatch` load shed point and/or use a high threshold.
{ "cveTags": [], "descriptions": [ { "lang": "en", "value": "Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions `sendOverloadError` is going to assume the active request exists when `envoy.load_shed_points.http1_server_abort_dispatch` is configured. If `active_request` is nullptr, only onMessageBeginImpl() is called. However, the `onMessageBeginImpl` will directly return ok status if the stream is already reset leading to the nullptr reference. The downstream reset can actually happen during the H/2 upstream reset. As a result envoy may crash. This issue has been addressed in releases 1.32.3, 1.31.5, 1.30.9, and 1.29.12. Users are advised to upgrade. Users unable to upgrade may disable `http1_server_abort_dispatch` load shed point and/or use a high threshold." }, { "lang": "es", "value": "Envoy es un proxy de servicio, de borde y de medio alcance de alto rendimiento nativo de la nube. En las versiones afectadas, `sendOverloadError` asumir\u00e1 que existe la solicitud activa cuando se configura `envoy.load_shed_points.http1_server_abort_dispatch`. Si `active_request` es nullptr, solo se llama a onMessageBeginImpl(). Sin embargo, `onMessageBeginImpl` devolver\u00e1 directamente el estado ok si la secuencia ya se restableci\u00f3 y conduce a la referencia nullptr. El restablecimiento descendente puede ocurrir durante el restablecimiento ascendente de H/2. Como resultado, Envoy puede bloquearse. Este problema se ha solucionado en las versiones 1.32.3, 1.31.5, 1.30.9 y 1.29.12. Se recomienda a los usuarios que actualicen la versi\u00f3n. Los usuarios que no puedan actualizar pueden deshabilitar el punto de desconexi\u00f3n de carga `http1_server_abort_dispatch` o usar un umbral alto." 
} ], "id": "CVE-2024-53270", "lastModified": "2024-12-18T22:15:06.883", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary" } ] }, "published": "2024-12-18T20:15:24.290", "references": [ { "source": "security-advisories@github.com", "url": "https://github.com/envoyproxy/envoy/pull/37743/commits/6cf8afda956ba67c9afad185b962325a5242ef02" }, { "source": "security-advisories@github.com", "url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-q9qv-8j52-77p3" }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-q9qv-8j52-77p3" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-670" } ], "source": "security-advisories@github.com", "type": "Secondary" } ] }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.