Filtered by vendor Redhat
Subscriptions
Filtered by product Service Mesh
Subscriptions
Total
171 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-12245 | 2 Grafana, Redhat | 4 Grafana, Enterprise Linux, Openshift and 1 more | 2024-08-04 | 6.1 Medium |
Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip. | ||||
CVE-2020-12052 | 2 Grafana, Redhat | 4 Grafana, Enterprise Linux, Openshift and 1 more | 2024-08-04 | 6.1 Medium |
Grafana version < 6.7.3 is vulnerable for annotation popup XSS. | ||||
CVE-2020-11080 | 7 Debian, Fedoraproject, Nghttp2 and 4 more | 16 Debian Linux, Fedora, Nghttp2 and 13 more | 2024-08-04 | 3.7 Low |
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes the CPU to spike at 100%. nghttp2 v1.41.0 fixes this vulnerability. There is a workaround to this vulnerability. Implement nghttp2_on_frame_recv_callback callback, and if received frame is SETTINGS frame and the number of settings entries are large (e.g., > 32), then drop the connection. | ||||
CVE-2020-11022 | 9 Debian, Drupal, Fedoraproject and 6 more | 88 Debian Linux, Drupal, Fedora and 85 more | 2024-08-04 | 6.9 Medium |
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. | ||||
CVE-2020-11023 | 8 Debian, Drupal, Fedoraproject and 5 more | 65 Debian Linux, Drupal, Fedora and 62 more | 2024-08-04 | 6.9 Medium |
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. | ||||
CVE-2020-10739 | 2 Istio, Redhat | 2 Istio, Service Mesh | 2024-08-04 | 7.5 High |
Istio 1.4.x before 1.4.9 and Istio 1.5.x before 1.5.4 contain the following vulnerability when telemetry v2 is enabled: by sending a specially crafted packet, an attacker could trigger a Null Pointer Exception resulting in a Denial of Service. This could be sent to the ingress gateway or a sidecar, triggering a null pointer exception which results in a denial of service. This also affects servicemesh-proxy where a null pointer exception flaw was found in servicemesh-proxy. When running Telemetry v2 (not on by default in version 1.4.x), an attacker could send a specially crafted packet to the ingress gateway or proxy sidecar, triggering a denial of service. | ||||
CVE-2020-9283 | 3 Debian, Golang, Redhat | 7 Debian Linux, Package Ssh, 3scale Amp and 4 more | 2024-08-04 | 7.5 High |
golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH client. | ||||
CVE-2020-8659 | 3 Cncf, Debian, Redhat | 4 Envoy, Debian Linux, Openshift Service Mesh and 1 more | 2024-08-04 | 7.5 High |
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. 1 byte) chunks. | ||||
CVE-2020-8664 | 2 Cncf, Redhat | 2 Envoy, Service Mesh | 2024-08-04 | 5.3 Medium |
CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined validation context could lead to the “static” part of the validation context to be not applied, even though it was visible in the active config dump. | ||||
CVE-2020-8661 | 2 Cncf, Redhat | 3 Envoy, Openshift Service Mesh, Service Mesh | 2024-08-04 | 7.5 High |
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests. | ||||
CVE-2020-8660 | 2 Envoyproxy, Redhat | 2 Envoy, Service Mesh | 2024-08-04 | 5.3 Medium |
CNCF Envoy through 1.13.0 TLS inspector bypass. TLS inspector could have been bypassed (not recognized as a TLS client) by a client using only TLS 1.3. Because TLS extensions (SNI, ALPN) were not inspected, those connections might have been matched to a wrong filter chain, possibly bypassing some security restrictions in the process. | ||||
CVE-2020-8663 | 2 Envoyproxy, Redhat | 2 Envoy, Service Mesh | 2024-08-04 | 7.5 High |
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file descriptors and/or memory when accepting too many connections. | ||||
CVE-2020-8595 | 2 Istio, Redhat | 4 Istio, Enterprise Linux, Openshift Service Mesh and 1 more | 2024-08-04 | 7.3 High |
Istio versions 1.2.10 (End of Life) and prior, 1.3 through 1.3.7, and 1.4 through 1.4.3 allows authentication bypass. The Authentication Policy exact-path matching logic can allow unauthorized access to HTTP paths even if they are configured to be only accessed after presenting a valid JWT token. For example, an attacker can add a ? or # character to a URI that would otherwise satisfy an exact-path match. | ||||
CVE-2020-8203 | 3 Lodash, Oracle, Redhat | 24 Lodash, Banking Corporate Lending Process Management, Banking Credit Facilities Process Management and 21 more | 2024-08-04 | 7.4 High |
Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20. | ||||
CVE-2020-8124 | 2 Redhat, Url-parse Project | 2 Service Mesh, Url-parse | 2024-08-04 | 5.3 Medium |
Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks. | ||||
CVE-2020-7660 | 2 Redhat, Verizon | 2 Service Mesh, Serialize-javascript | 2024-08-04 | 8.1 High |
serialize-javascript prior to 3.1.0 allows remote attackers to inject arbitrary code via the function "deleteFunctions" within "index.js". | ||||
CVE-2020-7662 | 2 Redhat, Websocket-extensions Project | 3 Openshift, Service Mesh, Websocket-extensions | 2024-08-04 | 7.5 High |
websocket-extensions npm module prior to 0.1.4 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other character. This could be abused by an attacker to conduct Regex Denial Of Service (ReDoS) on a single-threaded server by providing a malicious payload with the Sec-WebSocket-Extensions header. | ||||
CVE-2020-7598 | 3 Opensuse, Redhat, Substack | 9 Leap, Enterprise Linux, Openshift and 6 more | 2024-08-04 | 5.6 Medium |
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload. | ||||
CVE-2020-1764 | 2 Kiali, Redhat | 3 Kiali, Openshift Service Mesh, Service Mesh | 2024-08-04 | 8.6 High |
A hard-coded cryptographic key vulnerability in the default configuration file was found in Kiali, all versions prior to 1.15.1. A remote attacker could abuse this flaw by creating their own JWT signed tokens and bypass Kiali authentication mechanisms, possibly gaining privileges to view and alter the Istio configuration. | ||||
CVE-2020-1762 | 2 Kiali, Redhat | 3 Kiali, Openshift Service Mesh, Service Mesh | 2024-08-04 | 7 High |
An insufficient JWT validation vulnerability was found in Kiali versions 0.4.0 to 1.15.0 and was fixed in Kiali version 1.15.1, wherein a remote attacker could abuse this flaw by stealing a valid JWT cookie and using that to spoof a user session, possibly gaining privileges to view and alter the Istio configuration. |