Lucene search
RedHatRHSA-2023:5175HistorySep 14, 2023 - 5:30 p.m.
(RHSA-2023:5175) Important: Red Hat OpenShift Service Mesh 2.2.10 security update
2023-09-1417:30:14
access.redhat.com
12
rhsa-2023
istio service mesh
openshift container platform
security update
oauth2 credentials exploit
http requests
http/2
memory leak
cve-2023-35941
cve-2023-35944
cve-2023-35945
cvss score
references
0.003 Low
EPSS
Percentile
65.7%
Red Hat OpenShift Service Mesh is Red Hat’s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
-
envoy: OAuth2 credentials exploit with permanent validity (CVE-2023-35941)
-
envoy: Incorrect handling of HTTP requests and responses with mixed case schemes (CVE-2023-35944)
-
envoy: HTTP/2 memory leak in nghttp2 codec (CVE-2023-35945)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Related
redhat
redhat
nessus
nessus
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.216)
2023-09-22 00:00:00
Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2023-300)
2023-08-24 00:00:00
Amazon Linux 2 : ecs-service-connect-agent (ALASECS-2023-006)
2023-09-06 00:00:00
osv
osv
libxml2 vulnerabilities
2023-04-19 13:42:53
libxml2 - security update
2023-04-30 00:00:00
Moderate: libxml2 security update
2023-08-08 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2504)
2023-08-01 00:00:00
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2527)
2023-08-01 00:00:00
Ubuntu: Security Advisory (USN-6028-1)
2023-04-20 00:00:00
github
github
Nokogiri updates packaged libxml2 to v2.10.4 to resolve multiple CVEs
2023-04-11 21:48:01
oraclelinux
oraclelinux
libxml2 security update
2023-08-02 00:00:00
libxml2 security update
2023-08-10 00:00:00
curl security update
2023-08-10 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2321
2024-01-09 09:53:22
Advisory ROSA-SA-2023-2319
2023-12-26 12:04:20
ibm
ibm
fedora
fedora
[SECURITY] Fedora 38 Update: libxml2-2.10.4-1.fc38
2023-04-18 01:40:06
[SECURITY] Fedora 37 Update: libxml2-2.10.4-1.fc37
2023-04-18 01:32:12
[SECURITY] Fedora 37 Update: libssh-0.10.5-1.fc37
2023-05-28 02:56:47
rocky
rocky
libxml2 security update
2023-10-06 23:10:01
curl security update
2023-10-06 23:10:01
libssh security update
2023-07-08 02:54:11
redos
redos
ROS-20230616-04
2023-06-16 00:00:00
aix
aix
AIX is vulnerable to a denial of service due to libxml2
2023-07-25 11:08:32
ubuntu
ubuntu
libxml2 vulnerabilities
2023-04-19 00:00:00
libssh vulnerabilities
2023-06-05 00:00:00
cloudfoundry
cloudfoundry
USN-6028-1: libxml2 vulnerabilities | Cloud Foundry
2023-04-29 00:00:00
USN-6138-1: libssh vulnerabilities | Cloud Foundry
2023-06-30 00:00:00
USN-6166-1: libcap2 vulnerabilities | Cloud Foundry
2023-06-29 00:00:00
debian
debian
[SECURITY] [DSA 5391-1] libxml2 security update
2023-04-20 20:45:49
[SECURITY] [DLA 3405-1] libxml2 security update
2023-04-30 11:00:47
[SECURITY] [DSA 5409-1] libssh security update
2023-05-23 11:50:46
freebsd
freebsd
libxml2 -- multiple vulnerabilities
2023-04-11 00:00:00
almalinux
almalinux
Moderate: libxml2 security update
2023-08-01 00:00:00
Moderate: libxml2 security update
2023-08-08 00:00:00
Moderate: curl security update
2023-08-08 00:00:00
amazon
amazon
Medium: libxml2
2023-04-27 18:36:00
slackware
slackware
[slackware-security] libssh
2023-05-04 19:11:18
mageia
mageia
Updated libssh packages fix security vulnerability
2023-05-21 11:42:44