Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-47778 (GCVE-0-2026-47778)
Vulnerability from cvelistv5 – Published: 2026-06-26 17:27 – Updated: 2026-06-27 02:53
VLAI
EPSS
Title
Envoy: Embedded NUL in TLS DNS SAN Truncation in the Default TLS Certificate Validator. (Auth Bypass)
Summary
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySubjectAltName where the extracted DNS SAN string is cast to a C-style string using .c_str() before being passed to the Utility::dnsNameMatch() algorithm. If the attacker serves a certificate with a dNSName SAN containing an embedded NUL byte, the helper Utility::generalNameAsString captures the complete string including the NUL. However, when .c_str() evaluates it, implicit conversion to absl::string_view inside dnsNameMatch relies on strlen(), prematurely truncating the evaluation context. Envoy evaluates trucated string against the exact required config_san match and returns true, thereby successfully validating the string with the Nul byte for an upstream routing. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1.
Severity
4.4 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-158 - Improper Neutralization of Null Byte or NUL Character
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/envoyproxy/envoy/security/advi… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| envoyproxy | envoy |
Affected:
>= 1.38.0, < 1.38.1
Affected: >= 1.37.0, < 1.37.3 Affected: >= 1.36.0, < 1.36.7 Affected: < 1.35.11 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-47778",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-27T02:52:00.418621Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-27T02:53:13.826Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-f8x4-rw5x-f3r7"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "envoy",
"vendor": "envoyproxy",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.38.0, \u003c 1.38.1"
},
{
"status": "affected",
"version": "\u003e= 1.37.0, \u003c 1.37.3"
},
{
"status": "affected",
"version": "\u003e= 1.36.0, \u003c 1.36.7"
},
{
"status": "affected",
"version": "\u003c 1.35.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySubjectAltName where the extracted DNS SAN string is cast to a C-style string using .c_str() before being passed to the Utility::dnsNameMatch() algorithm. If the attacker serves a certificate with a dNSName SAN containing an embedded NUL byte, the helper Utility::generalNameAsString captures the complete string including the NUL. However, when .c_str() evaluates it, implicit conversion to absl::string_view inside dnsNameMatch relies on strlen(), prematurely truncating the evaluation context. Envoy evaluates trucated string against the exact required config_san match and returns true, thereby successfully validating the string with the Nul byte for an upstream routing. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-158",
"description": "CWE-158: Improper Neutralization of Null Byte or NUL Character",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-26T17:27:57.707Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-f8x4-rw5x-f3r7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-f8x4-rw5x-f3r7"
}
],
"source": {
"advisory": "GHSA-f8x4-rw5x-f3r7",
"discovery": "UNKNOWN"
},
"title": "Envoy: Embedded NUL in TLS DNS SAN Truncation in the Default TLS Certificate Validator. (Auth Bypass)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-47778",
"datePublished": "2026-06-26T17:27:57.707Z",
"dateReserved": "2026-05-19T22:36:16.883Z",
"dateUpdated": "2026-06-27T02:53:13.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-47778",
"date": "2026-06-29",
"epss": "0.00205",
"percentile": "0.10613"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-47778\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-06-26T18:16:59.480\",\"lastModified\":\"2026-06-29T18:49:25.843\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySubjectAltName where the extracted DNS SAN string is cast to a C-style string using .c_str() before being passed to the Utility::dnsNameMatch() algorithm. If the attacker serves a certificate with a dNSName SAN containing an embedded NUL byte, the helper Utility::generalNameAsString captures the complete string including the NUL. However, when .c_str() evaluates it, implicit conversion to absl::string_view inside dnsNameMatch relies on strlen(), prematurely truncating the evaluation context. Envoy evaluates trucated string against the exact required config_san match and returns true, thereby successfully validating the string with the Nul byte for an upstream routing. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"envoyproxy\",\"product\":\"envoy\",\"versions\":[{\"version\":\"\u003e= 1.38.0, \u003c 1.38.1\",\"status\":\"affected\"},{\"version\":\"\u003e= 1.37.0, \u003c 1.37.3\",\"status\":\"affected\"},{\"version\":\"\u003e= 1.36.0, \u003c 1.36.7\",\"status\":\"affected\"},{\"version\":\"\u003c 1.35.11\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.7,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-06-27T02:52:00.418621Z\",\"id\":\"CVE-2026-47778\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-158\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.35.13\",\"matchCriteriaId\":\"3327F1D2-8A35-41E5-B720-06528D0856C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.36.0\",\"versionEndExcluding\":\"1.36.9\",\"matchCriteriaId\":\"B1146A14-3C49-48C3-BC2A-1BBB202EBD84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.37.0\",\"versionEndExcluding\":\"1.37.5\",\"matchCriteriaId\":\"2057BF79-00D1-4154-9DC0-3F278C72F4E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.38.0\",\"versionEndExcluding\":\"1.38.3\",\"matchCriteriaId\":\"2A218AD4-BF4B-46EA-96D7-3B25B7E71AC8\"}]}]}],\"references\":[{\"url\":\"https://github.com/envoyproxy/envoy/security/advisories/GHSA-f8x4-rw5x-f3r7\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\",\"Mitigation\"]},{\"url\":\"https://github.com/envoyproxy/envoy/security/advisories/GHSA-f8x4-rw5x-f3r7\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Vendor Advisory\",\"Mitigation\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-47778\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-27T02:52:00.418621Z\"}}}], \"references\": [{\"url\": \"https://github.com/envoyproxy/envoy/security/advisories/GHSA-f8x4-rw5x-f3r7\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-27T02:53:05.767Z\"}}], \"cna\": {\"title\": \"Envoy: Embedded NUL in TLS DNS SAN Truncation in the Default TLS Certificate Validator. (Auth Bypass)\", \"source\": {\"advisory\": \"GHSA-f8x4-rw5x-f3r7\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"envoyproxy\", \"product\": \"envoy\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 1.38.0, \u003c 1.38.1\"}, {\"status\": \"affected\", \"version\": \"\u003e= 1.37.0, \u003c 1.37.3\"}, {\"status\": \"affected\", \"version\": \"\u003e= 1.36.0, \u003c 1.36.7\"}, {\"status\": \"affected\", \"version\": \"\u003c 1.35.11\"}]}], \"references\": [{\"url\": \"https://github.com/envoyproxy/envoy/security/advisories/GHSA-f8x4-rw5x-f3r7\", \"name\": \"https://github.com/envoyproxy/envoy/security/advisories/GHSA-f8x4-rw5x-f3r7\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySubjectAltName where the extracted DNS SAN string is cast to a C-style string using .c_str() before being passed to the Utility::dnsNameMatch() algorithm. If the attacker serves a certificate with a dNSName SAN containing an embedded NUL byte, the helper Utility::generalNameAsString captures the complete string including the NUL. However, when .c_str() evaluates it, implicit conversion to absl::string_view inside dnsNameMatch relies on strlen(), prematurely truncating the evaluation context. Envoy evaluates trucated string against the exact required config_san match and returns true, thereby successfully validating the string with the Nul byte for an upstream routing. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-158\", \"description\": \"CWE-158: Improper Neutralization of Null Byte or NUL Character\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-06-26T17:27:57.707Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-47778\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-27T02:53:13.826Z\", \"dateReserved\": \"2026-05-19T22:36:16.883Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-06-26T17:27:57.707Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
OPENSUSE-SU-2026:11141-1
Vulnerability from csaf_opensuse - Published: 2026-06-28 00:00 - Updated: 2026-06-28 00:00Summary
istioctl-1.30.2-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: istioctl-1.30.2-1.1 on GA media
Description of the patch: These are all security issues fixed in the istioctl-1.30.2-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-11141
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
30 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "istioctl-1.30.2-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the istioctl-1.30.2-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-11141",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_11141-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-47204 page",
"url": "https://www.suse.com/security/cve/CVE-2026-47204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-47205 page",
"url": "https://www.suse.com/security/cve/CVE-2026-47205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-47207 page",
"url": "https://www.suse.com/security/cve/CVE-2026-47207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-47220 page",
"url": "https://www.suse.com/security/cve/CVE-2026-47220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-47221 page",
"url": "https://www.suse.com/security/cve/CVE-2026-47221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-47692 page",
"url": "https://www.suse.com/security/cve/CVE-2026-47692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-47775 page",
"url": "https://www.suse.com/security/cve/CVE-2026-47775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-47778 page",
"url": "https://www.suse.com/security/cve/CVE-2026-47778/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48042 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48044 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48090 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48497 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48497/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48706 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48743 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48743/"
}
],
"title": "istioctl-1.30.2-1.1 on GA media",
"tracking": {
"current_release_date": "2026-06-28T00:00:00Z",
"generator": {
"date": "2026-06-28T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:11141-1",
"initial_release_date": "2026-06-28T00:00:00Z",
"revision_history": [
{
"date": "2026-06-28T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "istioctl-1.30.2-1.1.aarch64",
"product": {
"name": "istioctl-1.30.2-1.1.aarch64",
"product_id": "istioctl-1.30.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "istioctl-bash-completion-1.30.2-1.1.aarch64",
"product": {
"name": "istioctl-bash-completion-1.30.2-1.1.aarch64",
"product_id": "istioctl-bash-completion-1.30.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "istioctl-zsh-completion-1.30.2-1.1.aarch64",
"product": {
"name": "istioctl-zsh-completion-1.30.2-1.1.aarch64",
"product_id": "istioctl-zsh-completion-1.30.2-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "istioctl-1.30.2-1.1.ppc64le",
"product": {
"name": "istioctl-1.30.2-1.1.ppc64le",
"product_id": "istioctl-1.30.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "istioctl-bash-completion-1.30.2-1.1.ppc64le",
"product": {
"name": "istioctl-bash-completion-1.30.2-1.1.ppc64le",
"product_id": "istioctl-bash-completion-1.30.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"product": {
"name": "istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"product_id": "istioctl-zsh-completion-1.30.2-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "istioctl-1.30.2-1.1.s390x",
"product": {
"name": "istioctl-1.30.2-1.1.s390x",
"product_id": "istioctl-1.30.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "istioctl-bash-completion-1.30.2-1.1.s390x",
"product": {
"name": "istioctl-bash-completion-1.30.2-1.1.s390x",
"product_id": "istioctl-bash-completion-1.30.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "istioctl-zsh-completion-1.30.2-1.1.s390x",
"product": {
"name": "istioctl-zsh-completion-1.30.2-1.1.s390x",
"product_id": "istioctl-zsh-completion-1.30.2-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "istioctl-1.30.2-1.1.x86_64",
"product": {
"name": "istioctl-1.30.2-1.1.x86_64",
"product_id": "istioctl-1.30.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "istioctl-bash-completion-1.30.2-1.1.x86_64",
"product": {
"name": "istioctl-bash-completion-1.30.2-1.1.x86_64",
"product_id": "istioctl-bash-completion-1.30.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "istioctl-zsh-completion-1.30.2-1.1.x86_64",
"product": {
"name": "istioctl-zsh-completion-1.30.2-1.1.x86_64",
"product_id": "istioctl-zsh-completion-1.30.2-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "istioctl-1.30.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64"
},
"product_reference": "istioctl-1.30.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "istioctl-1.30.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le"
},
"product_reference": "istioctl-1.30.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "istioctl-1.30.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x"
},
"product_reference": "istioctl-1.30.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "istioctl-1.30.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64"
},
"product_reference": "istioctl-1.30.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "istioctl-bash-completion-1.30.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64"
},
"product_reference": "istioctl-bash-completion-1.30.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "istioctl-bash-completion-1.30.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le"
},
"product_reference": "istioctl-bash-completion-1.30.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "istioctl-bash-completion-1.30.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x"
},
"product_reference": "istioctl-bash-completion-1.30.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "istioctl-bash-completion-1.30.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64"
},
"product_reference": "istioctl-bash-completion-1.30.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "istioctl-zsh-completion-1.30.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64"
},
"product_reference": "istioctl-zsh-completion-1.30.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "istioctl-zsh-completion-1.30.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le"
},
"product_reference": "istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "istioctl-zsh-completion-1.30.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x"
},
"product_reference": "istioctl-zsh-completion-1.30.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "istioctl-zsh-completion-1.30.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
},
"product_reference": "istioctl-zsh-completion-1.30.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-47204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-47204"
}
],
"notes": [
{
"category": "general",
"text": "Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.26.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the envoy.filters.http.grpc_stats filter crashes (null pointer dereference / segfault) when a Connect protocol request (Content-Type: application/connect+proto or application/connect+json) hits a direct_response route. A single unauthenticated HTTP request crashes the Envoy process. This vulnerability is fixed in 1.35.13, 1.36.9, 1.37.5, and 1.38.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-47204",
"url": "https://www.suse.com/security/cve/CVE-2026-47204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-47204"
},
{
"cve": "CVE-2026-47205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-47205"
}
],
"notes": [
{
"category": "general",
"text": "Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Free (UAF) vulnerability leading to a sudden segmentation fault exists in Envoy\u0027s ext_authz HTTP filter when processing per-route authorization overrides concurrently with rapid downstream client disconnects. During standard request lifecycles, Envoy instantiates the ext_authz filter with a foundational authorization client object (client_). If a matched route dictates a dynamic per-route HTTP or gRPC authorization service override, the filter generates a localized client. In the vulnerable implementation, this transient client aggressively overwrote the default client_ unique pointer by executing client_ = std::move(per_route_client). When a client rapidly establishes and subsequently tears down a stream (such as rapidly refreshing a protected WebSocket endpoint), the downstream triggers the ConnectionManagerImpl::doDeferredStreamDestroy() -\u003e ActiveStream::onResetStream() lifecycle. Envoy immediately sequences Filter::onDestroy() in an attempt to securely abort dispatched asynchronous authorization check transactions via client_-\u003ecancel(). By destructing the default client abruptly during initiateCall, a memory lifecycle misalignment occurs within the async client manager. The stream teardown fails to reliably track and cancel the dynamically bound asynchronous authorization tasks, orchestrating a sequence where a late asynchronous callback from the network evaluates against a heavily destroyed ActiveStream validation span, generating a UAF process crash. This vulnerability is fixed in 1.36.9, 1.37.5, and 1.38.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-47205",
"url": "https://www.suse.com/security/cve/CVE-2026-47205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-47205"
},
{
"cve": "CVE-2026-47207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-47207"
}
],
"notes": [
{
"category": "general",
"text": "Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, Envoy crashes if an ext_proc server sends a single gRPC message containing multiple, specially crafted ProcessingResponse messages. This can occur when the first response in the batch causes the gRPC stream object to be destroyed, leading to a use-after-free error when Envoy attempts to process subsequent responses in the same gRPC message. This vulnerability is fixed in 1.35.13, 1.36.9, 1.37.5, and 1.38.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-47207",
"url": "https://www.suse.com/security/cve/CVE-2026-47207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-47207"
},
{
"cve": "CVE-2026-47220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-47220"
}
],
"notes": [
{
"category": "general",
"text": "Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, when the %REQUESTED_SERVER_NAME(X:Y)% is used in log format and host related options is specified, like HOST_FIRST, SNI_FIRST, it\u0027s possible to crash Envoy when the specified host header is missing in the request headers. This vulnerability is fixed in 1.37.5 and 1.38.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-47220",
"url": "https://www.suse.com/security/cve/CVE-2026-47220"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-47220"
},
{
"cve": "CVE-2026-47221",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-47221"
}
],
"notes": [
{
"category": "general",
"text": "Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the router filter contains a null pointer dereference vulnerability when handling HTTP 303 (See Other) internal redirects for body-less non-GET/HEAD requests. When a POST, PUT, DELETE, or PATCH request without a body is sent to a route configured with internal redirect policy that includes 303 in redirect_response_codes, and the upstream responds with HTTP 303, the redirect handling code attempts to drain a request body buffer that was never allocated. This results in a segmentation fault that crashes the entire Envoy process. When route configured with internal_redirect_policy including 303 in redirect_response_codes and upstream must return HTTP 303 response, an unauthenticated attacker can exploit this to cause complete denial of service, terminating all active connections. This vulnerability is fixed in 1.35.13, 1.36.9, 1.37.5, and 1.38.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-47221",
"url": "https://www.suse.com/security/cve/CVE-2026-47221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-47221"
},
{
"cve": "CVE-2026-47692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-47692"
}
],
"notes": [
{
"category": "general",
"text": "Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, PROXY Protocol v2 header generator emits TLVs beyond the maximum length of 65535 bytes, causing a mismatch between bytes written and the length field in the header. This can result in smuggled bytes on the upstream request. This vulnerability is fixed in 1.35.13, 1.36.9, 1.37.5, and 1.38.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-47692",
"url": "https://www.suse.com/security/cve/CVE-2026-47692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-47692"
},
{
"cve": "CVE-2026-47775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-47775"
}
],
"notes": [
{
"category": "general",
"text": "Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the OAuth2 HTTP filter\u0027s encrypt()/decrypt() functions use AES-256-CBC without an authentication tag (no HMAC, no AEAD). The /callback endpoint returns HTTP 302 on successful decryption and HTTP 401 on padding failure, creating a padding oracle. An attacker who obtains the encrypted CodeVerifier cookie can recover the plaintext PKCE code_verifier in ~6,200 requests (~100 seconds), then exchange it with a stolen authorization code to obtain the victim\u0027s access token. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-47775",
"url": "https://www.suse.com/security/cve/CVE-2026-47775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-47775"
},
{
"cve": "CVE-2026-47778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-47778"
}
],
"notes": [
{
"category": "general",
"text": "Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySubjectAltName where the extracted DNS SAN string is cast to a C-style string using .c_str() before being passed to the Utility::dnsNameMatch() algorithm. If the attacker serves a certificate with a dNSName SAN containing an embedded NUL byte, the helper Utility::generalNameAsString captures the complete string including the NUL. However, when .c_str() evaluates it, implicit conversion to absl::string_view inside dnsNameMatch relies on strlen(), prematurely truncating the evaluation context. Envoy evaluates trucated string against the exact required config_san match and returns true, thereby successfully validating the string with the Nul byte for an upstream routing. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-47778",
"url": "https://www.suse.com/security/cve/CVE-2026-47778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-47778"
},
{
"cve": "CVE-2026-48042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48042"
}
],
"notes": [
{
"category": "general",
"text": "Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, destructor of JSON Object results in stack overflow when deeply O(100K) nested objects are present. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48042",
"url": "https://www.suse.com/security/cve/CVE-2026-48042"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-48042"
},
{
"cve": "CVE-2026-48044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48044"
}
],
"notes": [
{
"category": "general",
"text": "Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.23.0 until 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability has been identified in Envoy\u0027s zstd decompressor implementation (ZstdDecompressorImpl). When zstd decompression is enabled, processing a specially crafted, highly compressed zstd payload can lead to massive memory allocation. An attacker can exploit this to cause severe memory exhaustion, potentially resulting in an Out-Of-Memory (OOM) kill and Denial of Service (DoS) for the Envoy proxy. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48044",
"url": "https://www.suse.com/security/cve/CVE-2026-48044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-48044"
},
{
"cve": "CVE-2026-48090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48090"
}
],
"notes": [
{
"category": "general",
"text": "Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter (envoy.filters.http.oauth2) can leave an in-flight async token exchange attached to a downstream stream that has already been torn down. A late AsyncClient completion can still invoke OAuth2Filter methods that use StreamDecoderFilterCallbacks after that object\u0027s lifetime has ended, causing undefined behavior, worker crashes (availability loss), and use-after-free / invalid-vptr failures under AddressSanitizer. This is a memory-safety / lifetime issue in the data plane, not a trivial config bug. Remote code execution is not claimed here; the primary demonstrated impact is DoS via crash and UB; any further impact would be deployment- and allocator-dependent. This vulnerability is fixed in 1.37.5 and 1.38.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48090",
"url": "https://www.suse.com/security/cve/CVE-2026-48090"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-48090"
},
{
"cve": "CVE-2026-48497",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48497"
}
],
"notes": [
{
"category": "general",
"text": "Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where UDP DNS filter is configured with local resolution containing a name with the length of 255 octets or remote resolution for a name of 255 octets long can complete successfully, a query with such name will result in abnormal process termination. The abnormal process termination is triggered by an invalid runtime precondition that the query name is strictly less than 255 octets, contradicting DNS specification rfc1035#section-2.3.4 that the name can be 255 or less octets. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48497",
"url": "https://www.suse.com/security/cve/CVE-2026-48497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-48497"
},
{
"cve": "CVE-2026-48706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48706"
}
],
"notes": [
{
"category": "general",
"text": "Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, a vulnerability exists in Envoy\u0027s TCP StatsD sink (TcpStatsdSink), where the thread-local flusher buffer can be overflowed by exceptionally long statistic names (e.g., \u003e16KiB). During formatting, TcpStatsdSink reserves a single contiguous memory slice of 16KiB (FLUSH_SLICE_SIZE_BYTES). If formatting a single metric exceeds the remaining capacity, the flusher initiates a buffer rotation but incorrectly continues to allocate another fixed 16KiB slice. If an attacker can trigger a statistic name longer than 16KiB-for example, by sending an HTTP or gRPC request with an extremely long request path (:path) that is recorded by the grpc_stats filter configured with stats_for_all_methods: true-the flusher will attempt to copy the metric name using memcpy operations beyond the allocated heap buffer boundaries. This leads to a heap write overflow, which can cause immediate denial-of-service (process crash) or potential remote code execution (RCE). This vulnerability is fixed in 1.35.13, 1.36.9, 1.37.5, and 1.38.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48706",
"url": "https://www.suse.com/security/cve/CVE-2026-48706"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-48706"
},
{
"cve": "CVE-2026-48743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48743"
}
],
"notes": [
{
"category": "general",
"text": "Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, Envoy can translate a downstream HTTP/3 request that is complete at the transport layer (HEADERS with FIN / headers-only close) but still carries a nonzero Content-Length into a complete upstream HTTP/1 request with unresolved body debt. In an HTTP/1 upstream deployment where the origin replies before reading the declared body and keeps the connection reusable, the beginning of the next Envoy-generated upstream request can be consumed as the first request\u0027s body. The remaining bytes are then parsed by the origin as a new HTTP/1 request. This was reproduced as a route-bypass/desync: direct /pwn was denied by Envoy, but the second downstream H3 stream received the response for backend-parsed GET /pwn HTTP/1.1. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48743",
"url": "https://www.suse.com/security/cve/CVE-2026-48743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-bash-completion-1.30.2-1.1.x86_64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.aarch64",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.ppc64le",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.s390x",
"openSUSE Tumbleweed:istioctl-zsh-completion-1.30.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-48743"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…