rhsa-2025:18252
Vulnerability from csaf_redhat
Published
2025-10-16 13:13
Modified
2025-11-10 01:32
Summary
Red Hat Security Advisory: Kiali 2.11.4 for Red Hat OpenShift Service Mesh 3.1
Notes
Topic
Kiali 2.11.4 for Red Hat OpenShift Service Mesh 3.1
This update has a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Kiali 2.11.4, for Red Hat OpenShift Service Mesh 3.1, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage the mesh efficiently.
Security Fix(es):
* kiali-ossmc-rhel9: Axios DoS via lack of data size check (CVE-2025-58754)
* kiali-rhel9: Axios DoS via lack of data size check (CVE-2025-58754)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Kiali 2.11.4 for Red Hat OpenShift Service Mesh 3.1\n\nThis update has a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Kiali 2.11.4, for Red Hat OpenShift Service Mesh 3.1, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.\n\nSecurity Fix(es):\n\n* kiali-ossmc-rhel9: Axios DoS via lack of data size check (CVE-2025-58754)\n\n* kiali-rhel9: Axios DoS via lack of data size check (CVE-2025-58754)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:18252",
"url": "https://access.redhat.com/errata/RHSA-2025:18252"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58754",
"url": "https://access.redhat.com/security/cve/CVE-2025-58754"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-58754",
"url": "https://access.redhat.com/security/cve/cve-2025-58754"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_18252.json"
}
],
"title": "Red Hat Security Advisory: Kiali 2.11.4 for Red Hat OpenShift Service Mesh 3.1",
"tracking": {
"current_release_date": "2025-11-10T01:32:53+00:00",
"generator": {
"date": "2025-11-10T01:32:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:18252",
"initial_release_date": "2025-10-16T13:13:12+00:00",
"revision_history": [
{
"date": "2025-10-16T13:13:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-16T13:13:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-10T01:32:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.1",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:672ba265f8b4745d4d7cb324ae8f883e732986499bad4a72dee82f37567623f8_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:672ba265f8b4745d4d7cb324ae8f883e732986499bad4a72dee82f37567623f8_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:672ba265f8b4745d4d7cb324ae8f883e732986499bad4a72dee82f37567623f8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A672ba265f8b4745d4d7cb324ae8f883e732986499bad4a72dee82f37567623f8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.4-1759569680"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:73f9e1628ae38b2e4bd7fc442c1aa020e3cf82294b8e6b453514a28d12a47b5b_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:73f9e1628ae38b2e4bd7fc442c1aa020e3cf82294b8e6b453514a28d12a47b5b_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:73f9e1628ae38b2e4bd7fc442c1aa020e3cf82294b8e6b453514a28d12a47b5b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-operator-bundle@sha256%3A73f9e1628ae38b2e4bd7fc442c1aa020e3cf82294b8e6b453514a28d12a47b5b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=10.3-1760093761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3533af085860bb6db976515d1c6ff241cef08360df235581b53ba54edb6599bc_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3533af085860bb6db976515d1c6ff241cef08360df235581b53ba54edb6599bc_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3533af085860bb6db976515d1c6ff241cef08360df235581b53ba54edb6599bc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3A3533af085860bb6db976515d1c6ff241cef08360df235581b53ba54edb6599bc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.4-1759840190"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:1d78d641237380eede6d9ad73ef82b8c5e3125e3ebccccc07f6ee9ff3d65a8e0_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:1d78d641237380eede6d9ad73ef82b8c5e3125e3ebccccc07f6ee9ff3d65a8e0_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:1d78d641237380eede6d9ad73ef82b8c5e3125e3ebccccc07f6ee9ff3d65a8e0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A1d78d641237380eede6d9ad73ef82b8c5e3125e3ebccccc07f6ee9ff3d65a8e0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.4-1759998697"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:79a363dad1ce95dc081cc3197257f0dec1081d841bb401841c0657542b4f4f48_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:79a363dad1ce95dc081cc3197257f0dec1081d841bb401841c0657542b4f4f48_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:79a363dad1ce95dc081cc3197257f0dec1081d841bb401841c0657542b4f4f48_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A79a363dad1ce95dc081cc3197257f0dec1081d841bb401841c0657542b4f4f48?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.4-1759569680"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:80240f38a5e19e5be1f0c57a7d7e6a43d560e593cd246517f42bcf58adc139f4_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:80240f38a5e19e5be1f0c57a7d7e6a43d560e593cd246517f42bcf58adc139f4_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:80240f38a5e19e5be1f0c57a7d7e6a43d560e593cd246517f42bcf58adc139f4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3A80240f38a5e19e5be1f0c57a7d7e6a43d560e593cd246517f42bcf58adc139f4?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.4-1759840190"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:45dcded4e227c5eb3a3f364124b1e88d59fd0b476cb060a9d2bc3cb1f671f21c_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:45dcded4e227c5eb3a3f364124b1e88d59fd0b476cb060a9d2bc3cb1f671f21c_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:45dcded4e227c5eb3a3f364124b1e88d59fd0b476cb060a9d2bc3cb1f671f21c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A45dcded4e227c5eb3a3f364124b1e88d59fd0b476cb060a9d2bc3cb1f671f21c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.4-1759998697"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:45daaf2c74a6e239416e0161ea77d6262f5dc67cfbb4bc7cde48b0a51f911501_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:45daaf2c74a6e239416e0161ea77d6262f5dc67cfbb4bc7cde48b0a51f911501_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:45daaf2c74a6e239416e0161ea77d6262f5dc67cfbb4bc7cde48b0a51f911501_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A45daaf2c74a6e239416e0161ea77d6262f5dc67cfbb4bc7cde48b0a51f911501?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.4-1759569680"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3c3e16987cf1c0180c92e5a518dfaf06002f781209b61293a57ebafcc3100395_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3c3e16987cf1c0180c92e5a518dfaf06002f781209b61293a57ebafcc3100395_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3c3e16987cf1c0180c92e5a518dfaf06002f781209b61293a57ebafcc3100395_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3A3c3e16987cf1c0180c92e5a518dfaf06002f781209b61293a57ebafcc3100395?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.4-1759840190"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:c60e70e509bc1beea58d8fb31af315c0114adbe0b0db5f167a894abf6459a7d0_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:c60e70e509bc1beea58d8fb31af315c0114adbe0b0db5f167a894abf6459a7d0_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:c60e70e509bc1beea58d8fb31af315c0114adbe0b0db5f167a894abf6459a7d0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3Ac60e70e509bc1beea58d8fb31af315c0114adbe0b0db5f167a894abf6459a7d0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.4-1759998697"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:22c837daffe03e76ca74c79d876aa0b4b638e8e5d94fe809a62642c2e322b192_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:22c837daffe03e76ca74c79d876aa0b4b638e8e5d94fe809a62642c2e322b192_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:22c837daffe03e76ca74c79d876aa0b4b638e8e5d94fe809a62642c2e322b192_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A22c837daffe03e76ca74c79d876aa0b4b638e8e5d94fe809a62642c2e322b192?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.4-1759569680"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5e0cfabeb7ec8a599d1ee96dac8202d2b683a315cb320d8648e4f76cb53abe0d_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5e0cfabeb7ec8a599d1ee96dac8202d2b683a315cb320d8648e4f76cb53abe0d_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5e0cfabeb7ec8a599d1ee96dac8202d2b683a315cb320d8648e4f76cb53abe0d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3A5e0cfabeb7ec8a599d1ee96dac8202d2b683a315cb320d8648e4f76cb53abe0d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.4-1759840190"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:10c0ed3900fe219c33c017e9e556d76fd9d3349f3ec1d4d2858786a29ff48ba7_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:10c0ed3900fe219c33c017e9e556d76fd9d3349f3ec1d4d2858786a29ff48ba7_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:10c0ed3900fe219c33c017e9e556d76fd9d3349f3ec1d4d2858786a29ff48ba7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A10c0ed3900fe219c33c017e9e556d76fd9d3349f3ec1d4d2858786a29ff48ba7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=2.11.4-1759998697"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:73f9e1628ae38b2e4bd7fc442c1aa020e3cf82294b8e6b453514a28d12a47b5b_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:73f9e1628ae38b2e4bd7fc442c1aa020e3cf82294b8e6b453514a28d12a47b5b_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:73f9e1628ae38b2e4bd7fc442c1aa020e3cf82294b8e6b453514a28d12a47b5b_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:10c0ed3900fe219c33c017e9e556d76fd9d3349f3ec1d4d2858786a29ff48ba7_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:10c0ed3900fe219c33c017e9e556d76fd9d3349f3ec1d4d2858786a29ff48ba7_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:10c0ed3900fe219c33c017e9e556d76fd9d3349f3ec1d4d2858786a29ff48ba7_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:1d78d641237380eede6d9ad73ef82b8c5e3125e3ebccccc07f6ee9ff3d65a8e0_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:1d78d641237380eede6d9ad73ef82b8c5e3125e3ebccccc07f6ee9ff3d65a8e0_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:1d78d641237380eede6d9ad73ef82b8c5e3125e3ebccccc07f6ee9ff3d65a8e0_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:45dcded4e227c5eb3a3f364124b1e88d59fd0b476cb060a9d2bc3cb1f671f21c_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:45dcded4e227c5eb3a3f364124b1e88d59fd0b476cb060a9d2bc3cb1f671f21c_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:45dcded4e227c5eb3a3f364124b1e88d59fd0b476cb060a9d2bc3cb1f671f21c_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:c60e70e509bc1beea58d8fb31af315c0114adbe0b0db5f167a894abf6459a7d0_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:c60e70e509bc1beea58d8fb31af315c0114adbe0b0db5f167a894abf6459a7d0_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:c60e70e509bc1beea58d8fb31af315c0114adbe0b0db5f167a894abf6459a7d0_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3533af085860bb6db976515d1c6ff241cef08360df235581b53ba54edb6599bc_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3533af085860bb6db976515d1c6ff241cef08360df235581b53ba54edb6599bc_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3533af085860bb6db976515d1c6ff241cef08360df235581b53ba54edb6599bc_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3c3e16987cf1c0180c92e5a518dfaf06002f781209b61293a57ebafcc3100395_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3c3e16987cf1c0180c92e5a518dfaf06002f781209b61293a57ebafcc3100395_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3c3e16987cf1c0180c92e5a518dfaf06002f781209b61293a57ebafcc3100395_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5e0cfabeb7ec8a599d1ee96dac8202d2b683a315cb320d8648e4f76cb53abe0d_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5e0cfabeb7ec8a599d1ee96dac8202d2b683a315cb320d8648e4f76cb53abe0d_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5e0cfabeb7ec8a599d1ee96dac8202d2b683a315cb320d8648e4f76cb53abe0d_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:80240f38a5e19e5be1f0c57a7d7e6a43d560e593cd246517f42bcf58adc139f4_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:80240f38a5e19e5be1f0c57a7d7e6a43d560e593cd246517f42bcf58adc139f4_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:80240f38a5e19e5be1f0c57a7d7e6a43d560e593cd246517f42bcf58adc139f4_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:22c837daffe03e76ca74c79d876aa0b4b638e8e5d94fe809a62642c2e322b192_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:22c837daffe03e76ca74c79d876aa0b4b638e8e5d94fe809a62642c2e322b192_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:22c837daffe03e76ca74c79d876aa0b4b638e8e5d94fe809a62642c2e322b192_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:45daaf2c74a6e239416e0161ea77d6262f5dc67cfbb4bc7cde48b0a51f911501_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:45daaf2c74a6e239416e0161ea77d6262f5dc67cfbb4bc7cde48b0a51f911501_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:45daaf2c74a6e239416e0161ea77d6262f5dc67cfbb4bc7cde48b0a51f911501_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:672ba265f8b4745d4d7cb324ae8f883e732986499bad4a72dee82f37567623f8_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:672ba265f8b4745d4d7cb324ae8f883e732986499bad4a72dee82f37567623f8_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:672ba265f8b4745d4d7cb324ae8f883e732986499bad4a72dee82f37567623f8_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:79a363dad1ce95dc081cc3197257f0dec1081d841bb401841c0657542b4f4f48_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:79a363dad1ce95dc081cc3197257f0dec1081d841bb401841c0657542b4f4f48_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:79a363dad1ce95dc081cc3197257f0dec1081d841bb401841c0657542b4f4f48_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-58754",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-12T02:00:53.897605+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:73f9e1628ae38b2e4bd7fc442c1aa020e3cf82294b8e6b453514a28d12a47b5b_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3533af085860bb6db976515d1c6ff241cef08360df235581b53ba54edb6599bc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3c3e16987cf1c0180c92e5a518dfaf06002f781209b61293a57ebafcc3100395_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5e0cfabeb7ec8a599d1ee96dac8202d2b683a315cb320d8648e4f76cb53abe0d_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:80240f38a5e19e5be1f0c57a7d7e6a43d560e593cd246517f42bcf58adc139f4_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2394735"
}
],
"notes": [
{
"category": "description",
"text": "Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to versions 0.30.2 and 1.12.0 runs on Node.js and is given a URL with the `data:` scheme, it does not perform HTTP. Instead, its Node http adapter decodes the entire payload into memory (`Buffer`/`Blob`) and returns a synthetic 200 response. This path ignores `maxContentLength` / `maxBodyLength` (which only protect HTTP responses), so an attacker can supply a very large `data:` URI and cause the process to allocate unbounded memory and crash (DoS), even if the caller requested `responseType: \u0027stream\u0027`. Versions 0.30.2 and 1.12.0 contain a patch for the issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios DoS via lack of data size check",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the application which bundles axios and not the host Red Hat system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:10c0ed3900fe219c33c017e9e556d76fd9d3349f3ec1d4d2858786a29ff48ba7_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:1d78d641237380eede6d9ad73ef82b8c5e3125e3ebccccc07f6ee9ff3d65a8e0_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:45dcded4e227c5eb3a3f364124b1e88d59fd0b476cb060a9d2bc3cb1f671f21c_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:c60e70e509bc1beea58d8fb31af315c0114adbe0b0db5f167a894abf6459a7d0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:22c837daffe03e76ca74c79d876aa0b4b638e8e5d94fe809a62642c2e322b192_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:45daaf2c74a6e239416e0161ea77d6262f5dc67cfbb4bc7cde48b0a51f911501_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:672ba265f8b4745d4d7cb324ae8f883e732986499bad4a72dee82f37567623f8_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:79a363dad1ce95dc081cc3197257f0dec1081d841bb401841c0657542b4f4f48_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:73f9e1628ae38b2e4bd7fc442c1aa020e3cf82294b8e6b453514a28d12a47b5b_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3533af085860bb6db976515d1c6ff241cef08360df235581b53ba54edb6599bc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3c3e16987cf1c0180c92e5a518dfaf06002f781209b61293a57ebafcc3100395_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5e0cfabeb7ec8a599d1ee96dac8202d2b683a315cb320d8648e4f76cb53abe0d_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:80240f38a5e19e5be1f0c57a7d7e6a43d560e593cd246517f42bcf58adc139f4_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58754"
},
{
"category": "external",
"summary": "RHBZ#2394735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394735"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58754",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58754"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/945435fc51467303768202250debb8d4ae892593",
"url": "https://github.com/axios/axios/commit/945435fc51467303768202250debb8d4ae892593"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/7011",
"url": "https://github.com/axios/axios/pull/7011"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.12.0",
"url": "https://github.com/axios/axios/releases/tag/v1.12.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-4hjh-wcwx-xvwj",
"url": "https://github.com/axios/axios/security/advisories/GHSA-4hjh-wcwx-xvwj"
}
],
"release_date": "2025-09-12T01:16:40.513000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-16T13:13:12+00:00",
"details": "See Kiali 2.11.4 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:10c0ed3900fe219c33c017e9e556d76fd9d3349f3ec1d4d2858786a29ff48ba7_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:1d78d641237380eede6d9ad73ef82b8c5e3125e3ebccccc07f6ee9ff3d65a8e0_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:45dcded4e227c5eb3a3f364124b1e88d59fd0b476cb060a9d2bc3cb1f671f21c_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:c60e70e509bc1beea58d8fb31af315c0114adbe0b0db5f167a894abf6459a7d0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:22c837daffe03e76ca74c79d876aa0b4b638e8e5d94fe809a62642c2e322b192_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:45daaf2c74a6e239416e0161ea77d6262f5dc67cfbb4bc7cde48b0a51f911501_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:672ba265f8b4745d4d7cb324ae8f883e732986499bad4a72dee82f37567623f8_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:79a363dad1ce95dc081cc3197257f0dec1081d841bb401841c0657542b4f4f48_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:18252"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:73f9e1628ae38b2e4bd7fc442c1aa020e3cf82294b8e6b453514a28d12a47b5b_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:10c0ed3900fe219c33c017e9e556d76fd9d3349f3ec1d4d2858786a29ff48ba7_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:1d78d641237380eede6d9ad73ef82b8c5e3125e3ebccccc07f6ee9ff3d65a8e0_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:45dcded4e227c5eb3a3f364124b1e88d59fd0b476cb060a9d2bc3cb1f671f21c_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:c60e70e509bc1beea58d8fb31af315c0114adbe0b0db5f167a894abf6459a7d0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3533af085860bb6db976515d1c6ff241cef08360df235581b53ba54edb6599bc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3c3e16987cf1c0180c92e5a518dfaf06002f781209b61293a57ebafcc3100395_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5e0cfabeb7ec8a599d1ee96dac8202d2b683a315cb320d8648e4f76cb53abe0d_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:80240f38a5e19e5be1f0c57a7d7e6a43d560e593cd246517f42bcf58adc139f4_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:22c837daffe03e76ca74c79d876aa0b4b638e8e5d94fe809a62642c2e322b192_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:45daaf2c74a6e239416e0161ea77d6262f5dc67cfbb4bc7cde48b0a51f911501_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:672ba265f8b4745d4d7cb324ae8f883e732986499bad4a72dee82f37567623f8_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:79a363dad1ce95dc081cc3197257f0dec1081d841bb401841c0657542b4f4f48_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:73f9e1628ae38b2e4bd7fc442c1aa020e3cf82294b8e6b453514a28d12a47b5b_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:10c0ed3900fe219c33c017e9e556d76fd9d3349f3ec1d4d2858786a29ff48ba7_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:1d78d641237380eede6d9ad73ef82b8c5e3125e3ebccccc07f6ee9ff3d65a8e0_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:45dcded4e227c5eb3a3f364124b1e88d59fd0b476cb060a9d2bc3cb1f671f21c_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:c60e70e509bc1beea58d8fb31af315c0114adbe0b0db5f167a894abf6459a7d0_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3533af085860bb6db976515d1c6ff241cef08360df235581b53ba54edb6599bc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:3c3e16987cf1c0180c92e5a518dfaf06002f781209b61293a57ebafcc3100395_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5e0cfabeb7ec8a599d1ee96dac8202d2b683a315cb320d8648e4f76cb53abe0d_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:80240f38a5e19e5be1f0c57a7d7e6a43d560e593cd246517f42bcf58adc139f4_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:22c837daffe03e76ca74c79d876aa0b4b638e8e5d94fe809a62642c2e322b192_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:45daaf2c74a6e239416e0161ea77d6262f5dc67cfbb4bc7cde48b0a51f911501_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:672ba265f8b4745d4d7cb324ae8f883e732986499bad4a72dee82f37567623f8_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:79a363dad1ce95dc081cc3197257f0dec1081d841bb401841c0657542b4f4f48_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "axios: Axios DoS via lack of data size check"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.