Vulnerability Database
Blog
FAQ
Docs
RHSA-2022:1275
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2022:1275
Import Source
https://security.access.redhat.com/data/osv/RHSA-2022:1275.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2022:1275
Related
CVE-2021-43824
CVE-2021-43825
CVE-2021-43826
CVE-2022-21654
CVE-2022-21655
CVE-2022-23606
CVE-2022-23635
CVE-2022-24726
Published
2024-09-16T07:28:23Z
Modified
2024-11-22T18:32:33Z
Severity
9.4 (Critical)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
CVSS Calculator
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.2 security update
Details
References
https://access.redhat.com/errata/RHSA-2022:1275
https://access.redhat.com/security/updates/classification/#important
https://bugzilla.redhat.com/show_bug.cgi?id=2050744
https://bugzilla.redhat.com/show_bug.cgi?id=2050746
https://bugzilla.redhat.com/show_bug.cgi?id=2050748
https://bugzilla.redhat.com/show_bug.cgi?id=2050753
https://bugzilla.redhat.com/show_bug.cgi?id=2050757
https://bugzilla.redhat.com/show_bug.cgi?id=2050758
https://bugzilla.redhat.com/show_bug.cgi?id=2057277
https://bugzilla.redhat.com/show_bug.cgi?id=2061638
https://issues.redhat.com/browse/OSSM-1074
https://issues.redhat.com/browse/OSSM-1234
https://issues.redhat.com/browse/OSSM-303
https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1275.json
https://access.redhat.com/security/cve/CVE-2021-43824
https://www.cve.org/CVERecord?id=CVE-2021-43824
https://nvd.nist.gov/vuln/detail/CVE-2021-43824
https://github.com/envoyproxy/envoy/security/advisories/GHSA-vj5m-rch8-5r2p
https://access.redhat.com/security/cve/CVE-2021-43825
https://www.cve.org/CVERecord?id=CVE-2021-43825
https://nvd.nist.gov/vuln/detail/CVE-2021-43825
https://github.com/envoyproxy/envoy/security/advisories/GHSA-h69p-g6xg-mhhh
https://access.redhat.com/security/cve/CVE-2021-43826
https://www.cve.org/CVERecord?id=CVE-2021-43826
https://nvd.nist.gov/vuln/detail/CVE-2021-43826
https://github.com/envoyproxy/envoy/security/advisories/GHSA-cmx3-fvgf-83mf
https://access.redhat.com/security/cve/CVE-2022-21654
https://www.cve.org/CVERecord?id=CVE-2022-21654
https://nvd.nist.gov/vuln/detail/CVE-2022-21654
https://github.com/envoyproxy/envoy/security/advisories/GHSA-5j4x-g36v-m283
https://access.redhat.com/security/cve/CVE-2022-21655
https://www.cve.org/CVERecord?id=CVE-2022-21655
https://nvd.nist.gov/vuln/detail/CVE-2022-21655
https://github.com/envoyproxy/envoy/security/advisories/GHSA-7r5p-7fmh-jxpg
https://access.redhat.com/security/cve/CVE-2022-23606
https://www.cve.org/CVERecord?id=CVE-2022-23606
https://nvd.nist.gov/vuln/detail/CVE-2022-23606
https://github.com/envoyproxy/envoy/security/advisories/GHSA-9vp2-4cp7-vvxf
https://access.redhat.com/security/cve/CVE-2022-23635
https://www.cve.org/CVERecord?id=CVE-2022-23635
https://nvd.nist.gov/vuln/detail/CVE-2022-23635
https://istio.io/latest/news/security/istio-security-2022-003
https://access.redhat.com/security/cve/CVE-2022-24726
https://www.cve.org/CVERecord?id=CVE-2022-24726
https://nvd.nist.gov/vuln/detail/CVE-2022-24726
https://istio.io/latest/news/security/istio-security-2022-004/
Affected packages
Red Hat:service_mesh:2.1::el8
/
servicemesh-proxy
Package
Name
servicemesh-proxy
Purl
pkg:rpm/redhat/servicemesh-proxy
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.2-4.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-proxy-debuginfo
Package
Name
servicemesh-proxy-debuginfo
Purl
pkg:rpm/redhat/servicemesh-proxy-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.2-4.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-proxy-debugsource
Package
Name
servicemesh-proxy-debugsource
Purl
pkg:rpm/redhat/servicemesh-proxy-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.2-4.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-proxy-wasm
Package
Name
servicemesh-proxy-wasm
Purl
pkg:rpm/redhat/servicemesh-proxy-wasm
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.2-4.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh
Package
Name
servicemesh
Purl
pkg:rpm/redhat/servicemesh
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.2-4.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-cni
Package
Name
servicemesh-cni
Purl
pkg:rpm/redhat/servicemesh-cni
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.2-4.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-pilot-agent
Package
Name
servicemesh-pilot-agent
Purl
pkg:rpm/redhat/servicemesh-pilot-agent
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.2-4.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-pilot-discovery
Package
Name
servicemesh-pilot-discovery
Purl
pkg:rpm/redhat/servicemesh-pilot-discovery
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.2-4.el8
RHSA-2022:1275 - OSV