Filtered by vendor Redhat Subscriptions
Filtered by product Service Mesh Subscriptions
Total 171 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-9900 2 Envoyproxy, Redhat 3 Envoy, Openshift Service Mesh, Service Mesh 2024-08-04 8.3 High
When parsing HTTP/1.x header values, Envoy 1.9.0 and before does not reject embedded zero characters (NUL, ASCII 0x0). This allows remote attackers crafting header values containing embedded NUL characters to potentially bypass header matching rules, gaining access to unauthorized resources.
CVE-2019-9513 12 Apache, Apple, Canonical and 9 more 25 Traffic Server, Mac Os X, Swiftnio and 22 more 2024-08-04 7.5 High
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.
CVE-2019-9511 12 Apache, Apple, Canonical and 9 more 29 Traffic Server, Mac Os X, Swiftnio and 26 more 2024-08-04 7.5 High
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2020-28852 2 Golang, Redhat 5 Text, Acm, Enterprise Linux and 2 more 2024-08-04 7.5 High
In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
CVE-2020-28851 2 Golang, Redhat 5 Go, Acm, Enterprise Linux and 2 more 2024-08-04 7.5 High
In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
CVE-2020-28362 4 Fedoraproject, Golang, Netapp and 1 more 12 Fedora, Go, Cloud Insights Telegraf Agent and 9 more 2024-08-04 7.5 High
Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.
CVE-2020-25017 2 Envoyproxy, Redhat 2 Envoy, Service Mesh 2024-08-04 8.3 High
Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers. Envoy’s setCopy() header map API does not replace all existing occurences of a non-inline header.
CVE-2020-16844 2 Istio, Redhat 2 Istio, Service Mesh 2024-08-04 6.8 Medium
In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7, when users specify an AuthorizationPolicy resource with DENY actions using wildcard suffixes (e.g. *-some-suffix) for source principals or namespace fields, callers will never be denied access, bypassing the intended policy.
CVE-2020-16845 5 Debian, Fedoraproject, Golang and 2 more 13 Debian Linux, Fedora, Go and 10 more 2024-08-04 7.5 High
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
CVE-2020-15586 6 Cloudfoundry, Debian, Fedoraproject and 3 more 15 Cf-deployment, Routing-release, Debian Linux and 12 more 2024-08-04 5.9 Medium
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.
CVE-2020-15104 2 Envoyproxy, Redhat 2 Envoy, Service Mesh 2024-08-04 4.6 Medium
In Envoy before versions 1.12.6, 1.13.4, 1.14.4, and 1.15.0 when validating TLS certificates, Envoy would incorrectly allow a wildcard DNS Subject Alternative Name apply to multiple subdomains. For example, with a SAN of *.example.com, Envoy would incorrectly allow nested.subdomain.example.com, when it should only allow subdomain.example.com. This defect applies to both validating a client TLS certificate in mTLS, and validating a server TLS certificate for upstream connections. This vulnerability is only applicable to situations where an untrusted entity can obtain a signed wildcard TLS certificate for a domain of which you only intend to trust a subdomain of. For example, if you intend to trust api.mysubdomain.example.com, and an untrusted actor can obtain a signed TLS certificate for *.example.com or *.com. Configurations are vulnerable if they use verify_subject_alt_name in any Envoy version, or if they use match_subject_alt_names in version 1.14 or later. This issue has been fixed in Envoy versions 1.12.6, 1.13.4, 1.14.4, 1.15.0.
CVE-2020-14306 2 Istio-operator Project, Redhat 2 Istio-operator, Service Mesh 2024-08-04 8.8 High
An incorrect access control flaw was found in the operator, openshift-service-mesh/istio-rhel8-operator all versions through 1.1.3. This flaw allows an attacker with a basic level of access to the cluster to deploy a custom gateway/pod to any namespace, potentially gaining access to privileged service account tokens. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14040 3 Fedoraproject, Golang, Redhat 16 Fedora, Text, 3scale Amp and 13 more 2024-08-04 7.5 High
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.
CVE-2020-13430 2 Grafana, Redhat 3 Grafana, Enterprise Linux, Service Mesh 2024-08-04 6.1 Medium
Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.
CVE-2020-13379 5 Fedoraproject, Grafana, Netapp and 2 more 11 Fedora, Grafana, E-series Performance Analyzer and 8 more 2024-08-04 8.2 High
The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.
CVE-2020-12666 3 Fedoraproject, Go-macaron, Redhat 3 Fedora, Macaron, Service Mesh 2024-08-04 6.1 Medium
macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL.
CVE-2020-12604 2 Envoyproxy, Redhat 2 Envoy, Service Mesh 2024-08-04 7.5 High
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream.
CVE-2020-12603 2 Envoyproxy, Redhat 2 Envoy, Service Mesh 2024-08-04 7.5 High
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small (i.e. 1 byte) data frames.
CVE-2020-12605 2 Envoyproxy, Redhat 2 Envoy, Service Mesh 2024-08-04 7.5 High
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs.
CVE-2020-12459 3 Fedoraproject, Grafana, Redhat 4 Fedora, Grafana, Enterprise Linux and 1 more 2024-08-04 5.5 Medium
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.