Vulnerability Database
Blog
FAQ
Docs
RHSA-2022:6277
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2022:6277
Import Source
https://security.access.redhat.com/data/osv/RHSA-2022:6277.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2022:6277
Related
CVE-2022-24675
CVE-2022-24785
CVE-2022-24921
CVE-2022-28327
CVE-2022-29526
CVE-2022-30629
CVE-2022-31129
Published
2024-09-30T14:24:07Z
Modified
2024-12-21T10:01:31Z
Severity
7.5 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.5 security update
Details
References
https://access.redhat.com/errata/RHSA-2022:6277
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2064857
https://bugzilla.redhat.com/show_bug.cgi?id=2072009
https://bugzilla.redhat.com/show_bug.cgi?id=2077688
https://bugzilla.redhat.com/show_bug.cgi?id=2077689
https://bugzilla.redhat.com/show_bug.cgi?id=2084085
https://bugzilla.redhat.com/show_bug.cgi?id=2092793
https://bugzilla.redhat.com/show_bug.cgi?id=2105075
https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6277.json
https://access.redhat.com/security/cve/CVE-2022-24675
https://www.cve.org/CVERecord?id=CVE-2022-24675
https://nvd.nist.gov/vuln/detail/CVE-2022-24675
https://groups.google.com/g/golang-announce/c/oecdBNLOml8
https://access.redhat.com/security/cve/CVE-2022-24785
https://www.cve.org/CVERecord?id=CVE-2022-24785
https://nvd.nist.gov/vuln/detail/CVE-2022-24785
https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4
https://access.redhat.com/security/cve/CVE-2022-24921
https://www.cve.org/CVERecord?id=CVE-2022-24921
https://nvd.nist.gov/vuln/detail/CVE-2022-24921
https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk
https://access.redhat.com/security/cve/CVE-2022-28327
https://www.cve.org/CVERecord?id=CVE-2022-28327
https://nvd.nist.gov/vuln/detail/CVE-2022-28327
https://access.redhat.com/security/cve/CVE-2022-29526
https://www.cve.org/CVERecord?id=CVE-2022-29526
https://nvd.nist.gov/vuln/detail/CVE-2022-29526
https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU
https://access.redhat.com/security/cve/CVE-2022-30629
https://www.cve.org/CVERecord?id=CVE-2022-30629
https://nvd.nist.gov/vuln/detail/CVE-2022-30629
https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg
https://access.redhat.com/security/cve/CVE-2022-31129
https://www.cve.org/CVERecord?id=CVE-2022-31129
https://nvd.nist.gov/vuln/detail/CVE-2022-31129
https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g
Affected packages
Red Hat:service_mesh:2.1::el8
/
servicemesh
Package
Name
servicemesh
Purl
pkg:rpm/redhat/servicemesh
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.5-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-cni
Package
Name
servicemesh-cni
Purl
pkg:rpm/redhat/servicemesh-cni
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.5-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-operator
Package
Name
servicemesh-operator
Purl
pkg:rpm/redhat/servicemesh-operator
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.5-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-pilot-agent
Package
Name
servicemesh-pilot-agent
Purl
pkg:rpm/redhat/servicemesh-pilot-agent
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.5-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-pilot-discovery
Package
Name
servicemesh-pilot-discovery
Purl
pkg:rpm/redhat/servicemesh-pilot-discovery
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.5-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-prometheus
Package
Name
servicemesh-prometheus
Purl
pkg:rpm/redhat/servicemesh-prometheus
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.23.0-9.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-ratelimit
Package
Name
servicemesh-ratelimit
Purl
pkg:rpm/redhat/servicemesh-ratelimit
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.5-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-proxy
Package
Name
servicemesh-proxy
Purl
pkg:rpm/redhat/servicemesh-proxy
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.5-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-proxy-debuginfo
Package
Name
servicemesh-proxy-debuginfo
Purl
pkg:rpm/redhat/servicemesh-proxy-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.5-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-proxy-debugsource
Package
Name
servicemesh-proxy-debugsource
Purl
pkg:rpm/redhat/servicemesh-proxy-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.5-1.el8
Red Hat:service_mesh:2.1::el8
/
servicemesh-proxy-wasm
Package
Name
servicemesh-proxy-wasm
Purl
pkg:rpm/redhat/servicemesh-proxy-wasm
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.5-1.el8
RHSA-2022:6277 - OSV