Vulnerability Database
Blog
FAQ
Docs
RHSA-2022:5004
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2022:5004
Import Source
https://security.access.redhat.com/data/osv/RHSA-2022:5004.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2022:5004
Related
CVE-2022-23772
CVE-2022-23773
CVE-2022-23806
CVE-2022-29224
CVE-2022-29225
CVE-2022-29226
CVE-2022-29228
CVE-2022-31045
Published
2024-09-30T14:22:28Z
Modified
2024-12-18T10:02:11Z
Severity
10.0 (Critical)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
CVSS Calculator
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.3 security update
Details
References
https://access.redhat.com/errata/RHSA-2022:5004
https://access.redhat.com/security/updates/classification/#critical
https://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html
https://bugzilla.redhat.com/show_bug.cgi?id=2053429
https://bugzilla.redhat.com/show_bug.cgi?id=2053532
https://bugzilla.redhat.com/show_bug.cgi?id=2053541
https://bugzilla.redhat.com/show_bug.cgi?id=2088737
https://bugzilla.redhat.com/show_bug.cgi?id=2088738
https://bugzilla.redhat.com/show_bug.cgi?id=2088739
https://bugzilla.redhat.com/show_bug.cgi?id=2088740
https://bugzilla.redhat.com/show_bug.cgi?id=2088819
https://issues.redhat.com/browse/OSSM-1107
https://issues.redhat.com/browse/OSSM-1614
https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5004.json
https://access.redhat.com/security/cve/CVE-2022-23772
https://www.cve.org/CVERecord?id=CVE-2022-23772
https://nvd.nist.gov/vuln/detail/CVE-2022-23772
https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ
https://access.redhat.com/security/cve/CVE-2022-23773
https://www.cve.org/CVERecord?id=CVE-2022-23773
https://nvd.nist.gov/vuln/detail/CVE-2022-23773
https://access.redhat.com/security/cve/CVE-2022-23806
https://www.cve.org/CVERecord?id=CVE-2022-23806
https://nvd.nist.gov/vuln/detail/CVE-2022-23806
https://access.redhat.com/security/cve/CVE-2022-29224
https://www.cve.org/CVERecord?id=CVE-2022-29224
https://nvd.nist.gov/vuln/detail/CVE-2022-29224
https://github.com/envoyproxy/envoy/security/advisories/GHSA-m4j9-86g3-8f49
https://access.redhat.com/security/cve/CVE-2022-29225
https://www.cve.org/CVERecord?id=CVE-2022-29225
https://nvd.nist.gov/vuln/detail/CVE-2022-29225
https://github.com/envoyproxy/envoy/security/advisories/GHSA-75hv-2jjj-89hh
https://access.redhat.com/security/cve/CVE-2022-29226
https://www.cve.org/CVERecord?id=CVE-2022-29226
https://nvd.nist.gov/vuln/detail/CVE-2022-29226
https://github.com/envoyproxy/envoy/security/advisories/GHSA-h45c-2f94-prxh
https://access.redhat.com/security/cve/CVE-2022-29228
https://www.cve.org/CVERecord?id=CVE-2022-29228
https://nvd.nist.gov/vuln/detail/CVE-2022-29228
https://github.com/envoyproxy/envoy/security/advisories/GHSA-rww6-8h7g-8jf6
https://access.redhat.com/security/cve/CVE-2022-31045
https://www.cve.org/CVERecord?id=CVE-2022-31045
https://nvd.nist.gov/vuln/detail/CVE-2022-31045
https://github.com/istio/istio/security/advisories/GHSA-xwx5-5c9g-x68x
https://istio.io/latest/news/security/istio-security-2022-005/#cve-2022-31045
Affected packages
Red Hat:service_mesh:2.1::el8
/
servicemesh
Package
Name
servicemesh
Purl
pkg:rpm/redhat/servicemesh
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.3-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-cni
Package
Name
servicemesh-cni
Purl
pkg:rpm/redhat/servicemesh-cni
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.3-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-operator
Package
Name
servicemesh-operator
Purl
pkg:rpm/redhat/servicemesh-operator
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.3-2.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-pilot-agent
Package
Name
servicemesh-pilot-agent
Purl
pkg:rpm/redhat/servicemesh-pilot-agent
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.3-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-pilot-discovery
Package
Name
servicemesh-pilot-discovery
Purl
pkg:rpm/redhat/servicemesh-pilot-discovery
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.3-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-prometheus
Package
Name
servicemesh-prometheus
Purl
pkg:rpm/redhat/servicemesh-prometheus
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.23.0-7.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-proxy
Package
Name
servicemesh-proxy
Purl
pkg:rpm/redhat/servicemesh-proxy
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.3-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-proxy-debuginfo
Package
Name
servicemesh-proxy-debuginfo
Purl
pkg:rpm/redhat/servicemesh-proxy-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.3-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-proxy-debugsource
Package
Name
servicemesh-proxy-debugsource
Purl
pkg:rpm/redhat/servicemesh-proxy-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.3-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-proxy-wasm
Package
Name
servicemesh-proxy-wasm
Purl
pkg:rpm/redhat/servicemesh-proxy-wasm
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.3-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-ratelimit
Package
Name
servicemesh-ratelimit
Purl
pkg:rpm/redhat/servicemesh-ratelimit
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.3-1.el8
RHSA-2022:5004 - OSV