rhsa-2023:4624
Vulnerability from csaf_redhat
Published
2023-08-11 16:47
Modified
2025-09-10 15:02
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.6 security update

Notes

Topic
Red Hat OpenShift Service Mesh 2.3.6 Containers

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.

Security Fix(es):

* envoy: OAuth2 credentials exploit with permanent validity (CVE-2023-35941)
* envoy: Incorrect handling of HTTP requests and responses with mixed case schemes (CVE-2023-35944)
* envoy: HTTP/2 memory leak in nghttp2 codec (CVE-2023-35945)
* envoy: gRPC access log crash caused by the listener draining (CVE-2023-35942)
* envoy: CORS filter segfault when origin header is removed (CVE-2023-35943)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Service Mesh 2.3.6 Containers\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* envoy: OAuth2 credentials exploit with permanent validity (CVE-2023-35941)\n\n* envoy: Incorrect handling of HTTP requests and responses with mixed case schemes (CVE-2023-35944)\n\n* envoy: HTTP/2 memory leak in nghttp2 codec (CVE-2023-35945)\n\n* envoy: gRPC access log crash caused by the listener draining (CVE-2023-35942)\n\n* envoy: CORS filter segfault when origin header is removed (CVE-2023-35943)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2023:4624",
        "url": "https://access.redhat.com/errata/RHSA-2023:4624"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2217977",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217977"
      },
      {
        "category": "external",
        "summary": "2217978",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217978"
      },
      {
        "category": "external",
        "summary": "2217983",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217983"
      },
      {
        "category": "external",
        "summary": "2217985",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217985"
      },
      {
        "category": "external",
        "summary": "2217987",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217987"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4624.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.6 security update",
    "tracking": {
      "current_release_date": "2025-09-10T15:02:51+00:00",
      "generator": {
        "date": "2025-09-10T15:02:51+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.7"
        }
      },
      "id": "RHSA-2023:4624",
      "initial_release_date": "2023-08-11T16:47:28+00:00",
      "revision_history": [
        {
          "date": "2023-08-11T16:47:28+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2023-08-11T16:47:28+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-09-10T15:02:51+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHOSSM 2.3 for RHEL 8",
                "product": {
                  "name": "RHOSSM 2.3 for RHEL 8",
                  "product_id": "8Base-RHOSSM-2.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:service_mesh:2.3::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Service Mesh"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
                "product": {
                  "name": "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
                  "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.3.6-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
                "product": {
                  "name": "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
                  "product_id": "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.3.6-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
                "product": {
                  "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
                  "product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.3.6-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
                "product": {
                  "name": "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
                  "product_id": "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.3.6-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
                "product": {
                  "name": "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
                  "product_id": "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8\u0026tag=2.3.6-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
                "product": {
                  "name": "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
                  "product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.3.6-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
                "product": {
                  "name": "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
                  "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.3.6-1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
                "product": {
                  "name": "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
                  "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.3.6-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
                "product": {
                  "name": "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
                  "product_id": "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.3.6-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
                "product": {
                  "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
                  "product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.3.6-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
                "product": {
                  "name": "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
                  "product_id": "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.3.6-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
                "product": {
                  "name": "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
                  "product_id": "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8\u0026tag=2.3.6-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x",
                "product": {
                  "name": "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x",
                  "product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.3.6-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x",
                "product": {
                  "name": "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x",
                  "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.3.6-1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
                "product": {
                  "name": "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
                  "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.3.6-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
                "product": {
                  "name": "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
                  "product_id": "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.3.6-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
                "product": {
                  "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
                  "product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.3.6-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
                "product": {
                  "name": "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
                  "product_id": "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.3.6-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
                "product": {
                  "name": "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
                  "product_id": "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8\u0026tag=2.3.6-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
                "product": {
                  "name": "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
                  "product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.3.6-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
                "product": {
                  "name": "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
                  "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.3.6-1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x"
        },
        "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64 as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64"
        },
        "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le"
        },
        "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64 as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64"
        },
        "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le"
        },
        "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x"
        },
        "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le"
        },
        "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64 as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64"
        },
        "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x"
        },
        "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le"
        },
        "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x"
        },
        "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64 as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64"
        },
        "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64 as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64"
        },
        "product_reference": "openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x"
        },
        "product_reference": "openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le"
        },
        "product_reference": "openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64 as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64"
        },
        "product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le"
        },
        "product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x"
        },
        "product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le"
        },
        "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64 as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64"
        },
        "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x as a component of RHOSSM 2.3 for RHEL 8",
          "product_id": "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
        },
        "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x",
        "relates_to_product_reference": "8Base-RHOSSM-2.3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-35941",
      "cwe": {
        "id": "CWE-303",
        "name": "Incorrect Implementation of Authentication Algorithm"
      },
      "discovery_date": "2023-06-27T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2217977"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Envoy, where a malicious client can construct credentials with permanent validity in a specific scenario. This issue is caused by some rare scenarios, such as the combination of host and expiration time, in which the HMAC payload can always be valid in the OAuth2 filter\u0027s HMAC check.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "envoy: OAuth2 credentials exploit with permanent validity",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x"
        ],
        "known_not_affected": [
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-35941"
        },
        {
          "category": "external",
          "summary": "RHBZ#2217977",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217977"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-35941",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-35941"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35941",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35941"
        }
      ],
      "release_date": "2023-07-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-08-11T16:47:28+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:4624"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "envoy: OAuth2 credentials exploit with permanent validity"
    },
    {
      "cve": "CVE-2023-35942",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2023-06-27T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2217978"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Envoy, where gRPC access loggers using the listener\u0027s global scope can cause a use-after-free crash when the listener is drained. This issue can be triggered by a listener discovery service (LDS) update with the same gRPC access log configuration.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "envoy: gRPC access log crash caused by the listener draining",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x"
        ],
        "known_not_affected": [
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-35942"
        },
        {
          "category": "external",
          "summary": "RHBZ#2217978",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217978"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-35942",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-35942"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35942",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35942"
        }
      ],
      "release_date": "2023-07-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-08-11T16:47:28+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:4624"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "envoy: gRPC access log crash caused by the listener draining"
    },
    {
      "cve": "CVE-2023-35943",
      "discovery_date": "2023-06-27T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2217987"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Envoy. If the origin header is configured to be removed with request_headers_to_remove: origin, the CORS filter segfaults and crashes Envoy when the header is removed between decodeHeaders and encodeHeaders.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "envoy: CORS filter segfault when origin header is removed",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x"
        ],
        "known_not_affected": [
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-35943"
        },
        {
          "category": "external",
          "summary": "RHBZ#2217987",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217987"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-35943",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-35943"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35943",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35943"
        }
      ],
      "release_date": "2023-07-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-08-11T16:47:28+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:4624"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "envoy: CORS filter segfault when origin header is removed"
    },
    {
      "cve": "CVE-2023-35944",
      "cwe": {
        "id": "CWE-178",
        "name": "Improper Handling of Case Sensitivity"
      },
      "discovery_date": "2023-06-27T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2217985"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Envoy that allows for mixed-case schemes in HTTP/2. However, some internal scheme checks in Envoy are case-sensitive, leading to incorrect handling of requests and responses with mixed case schemes. For example, if a request with a mixed scheme HTTP is sent to the OAuth2 filter, it will fail the exact-match checks for HTTP and inform the remote endpoint the scheme is HTTP, thus potentially bypassing OAuth2 checks specific to HTTP requests.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "envoy: Incorrect handling of HTTP requests and responses with mixed case schemes",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x"
        ],
        "known_not_affected": [
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-35944"
        },
        {
          "category": "external",
          "summary": "RHBZ#2217985",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217985"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-35944",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-35944"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35944",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35944"
        }
      ],
      "release_date": "2023-07-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-08-11T16:47:28+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:4624"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "envoy: Incorrect handling of HTTP requests and responses with mixed case schemes"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Yan Avlasov"
          ],
          "organization": "Google"
        }
      ],
      "cve": "CVE-2023-35945",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-06-27T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2217983"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Envoy, where a specifically crafted response from an untrusted upstream service can cause a denial of service through memory exhaustion. This issue is caused by Envoy’s HTTP/2 codec, which may leak a header map and bookkeeping structures upon receiving RST_STREAM immediately followed by GOAWAY frames from an upstream server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "envoy: HTTP/2 memory leak in nghttp2 codec",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x"
        ],
        "known_not_affected": [
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
          "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
          "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-35945"
        },
        {
          "category": "external",
          "summary": "RHBZ#2217983",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217983"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-35945",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35945",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35945"
        },
        {
          "category": "external",
          "summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r",
          "url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r"
        }
      ],
      "release_date": "2023-07-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-08-11T16:47:28+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:4624"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:0034a052544d5205b81f064361ed8f1213bed6dc868a607a14cb7f1f803c6213_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:731d23d6a6e226a68463beaa956065341537b0f4b2bf2fe0b14c1aff4cd1b45e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/grafana-rhel8@sha256:8aa19f37aef2ed95793a6c6940146c8b67fbbbbad1a219775dc917358de97c61_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:279bc4504c13e65be3a16731dcb042b9fe10f937fffc9f0fcfd8bfd5e3d4717b_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:674726fb44c3eb46b7549964e82da3d6e8969659f72a80ff46bee2736af60eb6_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-cni-rhel8@sha256:aa6b03b229bb55aade074a59199f25dd26b6d596bf65683fdfb1adfd33d6a1cc_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:3fc6b5a00fbc1716e0dc7b958b232135979e17184f662d8b30aba68246380c6a_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:5a91228a6ae101204f87d86d6152e3719de2067e0a04e19984ea379e969ae827_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/istio-must-gather-rhel8@sha256:aa41a543ce10b9d932178894d74ecd3c62c09db6c729affef3d165eef797e873_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:572cb5d7bfcbe827371d715039aa795a234089ad84e87c874c27b4c8368fd414_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e1e2634d0b71ee373d1caa3db8ecd80833847894f3a182ac9a51ffb615a7ea85_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/pilot-rhel8@sha256:e5d923926234b1b1d22a93addce28a2656407932af0391a4d03c739d423aa109_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:28eed3d9554d7424a55a9d8425acc098c56e46ce7754c32f0c6b3993a3400248_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:787962d7a65f62af1f85e2e5d822f3db40093af32fd03ebd0e2cec248d399eb4_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/prometheus-rhel8@sha256:dd4934b72d644f9317465b6c45b137b93123dc50447daedca9a410f11b292132_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:826302993a08f1b7b9d05b17d9a7e71792d2c1adaa8002c59aa8ecbca523d86e_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:d9c2a461fb3de8c30e1fd06924fafe03fd1d0e19ed5cf2e0cb848a1116752cf1_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/proxyv2-rhel8@sha256:e36f4a2d5c66515519aa7158a31f07c8ba376553654d2f71d6f2601106c90095_s390x",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:16222b72f4ae305ca2128ecc7d19d568b6c7edaa32b55e9759a563b2b0ae3000_ppc64le",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:93f927c7fcf4138b6c5ba976d971f50b88f8e46bc819017763014748394bd786_amd64",
            "8Base-RHOSSM-2.3:openshift-service-mesh/ratelimit-rhel8@sha256:fbc19a6d4a1cb052b7944f0b4537f1ce2716f4c81bc6b5866920f8d62be69290_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "envoy: HTTP/2 memory leak in nghttp2 codec"
    }
  ]
}

