rhsa-2023_5950
Vulnerability from csaf_redhat
Published
2023-10-19 22:22
Modified
2025-03-29 04:23
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh for 2.2.11 security update
Notes
Topic
An update is now available for Red Hat OpenShift Service Mesh 2.2 for RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Security Fix(es):
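* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325). CVE-2023-39325 is the identifier assigned to the HTTP/2 Rapid Reset attack in the Go language packages and is related to CVE-2023-44487; the CSAF data below records the Go flaw under CVE-2023-39325.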
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat OpenShift Service Mesh 2.2 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Security Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:5950", "url": "https://access.redhat.com/errata/RHSA-2023:5950" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003" }, { "category": "external", "summary": "2243296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296" }, { "category": "external", "summary": "OSSM-5021", "url": "https://issues.redhat.com/browse/OSSM-5021" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5950.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh for 2.2.11 security update", "tracking": { "current_release_date": "2025-03-29T04:23:35+00:00", "generator": { "date": "2025-03-29T04:23:35+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.4.2" } }, "id": "RHSA-2023:5950", "initial_release_date": "2023-10-19T22:22:20+00:00", "revision_history": [ { "date": "2023-10-19T22:22:20+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-10-19T22:22:20+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-03-29T04:23:35+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { 
"branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHOSSM 2.2 for RHEL 8", "product": { "name": "RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:service_mesh:2.2::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Service Mesh" }, { "branches": [ { "category": "product_version", "name": "openshift-service-mesh/istio-cni-rhel8@sha256:1be9910498fad81c5f75b549888a1848a72025de76c7077319d88c2c01810307_amd64", "product": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:1be9910498fad81c5f75b549888a1848a72025de76c7077319d88c2c01810307_amd64", "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:1be9910498fad81c5f75b549888a1848a72025de76c7077319d88c2c01810307_amd64", "product_identification_helper": { "purl": "pkg:oci/istio-cni-rhel8@sha256:1be9910498fad81c5f75b549888a1848a72025de76c7077319d88c2c01810307?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.2.11-4" } } }, { "category": "product_version", "name": "openshift-service-mesh/grafana-rhel8@sha256:7f58375b39ee7ed44fb1bd351f55057929fe94cc973cfae52336a3a23245308a_amd64", "product": { "name": "openshift-service-mesh/grafana-rhel8@sha256:7f58375b39ee7ed44fb1bd351f55057929fe94cc973cfae52336a3a23245308a_amd64", "product_id": "openshift-service-mesh/grafana-rhel8@sha256:7f58375b39ee7ed44fb1bd351f55057929fe94cc973cfae52336a3a23245308a_amd64", "product_identification_helper": { "purl": "pkg:oci/grafana-rhel8@sha256:7f58375b39ee7ed44fb1bd351f55057929fe94cc973cfae52336a3a23245308a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.2.11-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8@sha256:957d12face152b24cf0dfbb965b3091ea75eb968e1041079986ac84ca39ed076_amd64", "product": { "name": 
"openshift-service-mesh/kiali-rhel8@sha256:957d12face152b24cf0dfbb965b3091ea75eb968e1041079986ac84ca39ed076_amd64", "product_id": "openshift-service-mesh/kiali-rhel8@sha256:957d12face152b24cf0dfbb965b3091ea75eb968e1041079986ac84ca39ed076_amd64", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8@sha256:957d12face152b24cf0dfbb965b3091ea75eb968e1041079986ac84ca39ed076?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.48.10-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6a32af0e0ea904a63369444e1de9075941cda6268b6c1f3e129a2aafb2892efb_amd64", "product": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6a32af0e0ea904a63369444e1de9075941cda6268b6c1f3e129a2aafb2892efb_amd64", "product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6a32af0e0ea904a63369444e1de9075941cda6268b6c1f3e129a2aafb2892efb_amd64", "product_identification_helper": { "purl": "pkg:oci/istio-must-gather-rhel8@sha256:6a32af0e0ea904a63369444e1de9075941cda6268b6c1f3e129a2aafb2892efb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.2.11-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/pilot-rhel8@sha256:1233216c4378bcf01dc9673856d34439ad254f3fcdc1acb584d6abe4de550da8_amd64", "product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:1233216c4378bcf01dc9673856d34439ad254f3fcdc1acb584d6abe4de550da8_amd64", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:1233216c4378bcf01dc9673856d34439ad254f3fcdc1acb584d6abe4de550da8_amd64", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:1233216c4378bcf01dc9673856d34439ad254f3fcdc1acb584d6abe4de550da8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.2.11-4" } } }, { "category": "product_version", "name": 
"openshift-service-mesh/prometheus-rhel8@sha256:4a9dcc95179300d844f62e30f667965e62a86a850fd3417f422d2f72d5a8ccf5_amd64", "product": { "name": "openshift-service-mesh/prometheus-rhel8@sha256:4a9dcc95179300d844f62e30f667965e62a86a850fd3417f422d2f72d5a8ccf5_amd64", "product_id": "openshift-service-mesh/prometheus-rhel8@sha256:4a9dcc95179300d844f62e30f667965e62a86a850fd3417f422d2f72d5a8ccf5_amd64", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:4a9dcc95179300d844f62e30f667965e62a86a850fd3417f422d2f72d5a8ccf5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8\u0026tag=2.2.11-4" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel8@sha256:7d529995fe3512ce543cc612717c8c7af34a57447620e5abd749de0456a30a47_amd64", "product": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:7d529995fe3512ce543cc612717c8c7af34a57447620e5abd749de0456a30a47_amd64", "product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:7d529995fe3512ce543cc612717c8c7af34a57447620e5abd749de0456a30a47_amd64", "product_identification_helper": { "purl": "pkg:oci/proxyv2-rhel8@sha256:7d529995fe3512ce543cc612717c8c7af34a57447620e5abd749de0456a30a47?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.2.11-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:0917002c2854e6161df80644db34e7908fd9522e56ab1a8e8865d0f4859c8880_amd64", "product": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:0917002c2854e6161df80644db34e7908fd9522e56ab1a8e8865d0f4859c8880_amd64", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:0917002c2854e6161df80644db34e7908fd9522e56ab1a8e8865d0f4859c8880_amd64", "product_identification_helper": { "purl": 
"pkg:oci/ratelimit-rhel8@sha256:0917002c2854e6161df80644db34e7908fd9522e56ab1a8e8865d0f4859c8880?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.2.11-3" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift-service-mesh/istio-cni-rhel8@sha256:3acabc42f763763a0dd787b847b95cc851cfe1e8d0ef23e29149a406c926a5f1_ppc64le", "product": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:3acabc42f763763a0dd787b847b95cc851cfe1e8d0ef23e29149a406c926a5f1_ppc64le", "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:3acabc42f763763a0dd787b847b95cc851cfe1e8d0ef23e29149a406c926a5f1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/istio-cni-rhel8@sha256:3acabc42f763763a0dd787b847b95cc851cfe1e8d0ef23e29149a406c926a5f1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.2.11-4" } } }, { "category": "product_version", "name": "openshift-service-mesh/grafana-rhel8@sha256:a43e967f356eb8c3dfa082752045b4f3d3e4accaf539825487c3d9dc222e89be_ppc64le", "product": { "name": "openshift-service-mesh/grafana-rhel8@sha256:a43e967f356eb8c3dfa082752045b4f3d3e4accaf539825487c3d9dc222e89be_ppc64le", "product_id": "openshift-service-mesh/grafana-rhel8@sha256:a43e967f356eb8c3dfa082752045b4f3d3e4accaf539825487c3d9dc222e89be_ppc64le", "product_identification_helper": { "purl": "pkg:oci/grafana-rhel8@sha256:a43e967f356eb8c3dfa082752045b4f3d3e4accaf539825487c3d9dc222e89be?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.2.11-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8@sha256:d9dd763fbb43bd1db2b5c59a921b532d898dd2029c2d149fc6a3839546b30ed5_ppc64le", "product": { "name": "openshift-service-mesh/kiali-rhel8@sha256:d9dd763fbb43bd1db2b5c59a921b532d898dd2029c2d149fc6a3839546b30ed5_ppc64le", "product_id": 
"openshift-service-mesh/kiali-rhel8@sha256:d9dd763fbb43bd1db2b5c59a921b532d898dd2029c2d149fc6a3839546b30ed5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8@sha256:d9dd763fbb43bd1db2b5c59a921b532d898dd2029c2d149fc6a3839546b30ed5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.48.10-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:1d4de29ba184fba74c0a20228f02731480e08804f173f04e1c23dba55811de32_ppc64le", "product": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:1d4de29ba184fba74c0a20228f02731480e08804f173f04e1c23dba55811de32_ppc64le", "product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:1d4de29ba184fba74c0a20228f02731480e08804f173f04e1c23dba55811de32_ppc64le", "product_identification_helper": { "purl": "pkg:oci/istio-must-gather-rhel8@sha256:1d4de29ba184fba74c0a20228f02731480e08804f173f04e1c23dba55811de32?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.2.11-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/pilot-rhel8@sha256:319e5911c349cd8613d6a8b429b9402a7cebfcd0d7175e0bef449f0eb305643b_ppc64le", "product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:319e5911c349cd8613d6a8b429b9402a7cebfcd0d7175e0bef449f0eb305643b_ppc64le", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:319e5911c349cd8613d6a8b429b9402a7cebfcd0d7175e0bef449f0eb305643b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:319e5911c349cd8613d6a8b429b9402a7cebfcd0d7175e0bef449f0eb305643b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.2.11-4" } } }, { "category": "product_version", "name": "openshift-service-mesh/prometheus-rhel8@sha256:f1975242cf74fe2d6ab0908e04e4ea5b33c32e09112b7ef58640436e677ac9b9_ppc64le", "product": { "name": 
"openshift-service-mesh/prometheus-rhel8@sha256:f1975242cf74fe2d6ab0908e04e4ea5b33c32e09112b7ef58640436e677ac9b9_ppc64le", "product_id": "openshift-service-mesh/prometheus-rhel8@sha256:f1975242cf74fe2d6ab0908e04e4ea5b33c32e09112b7ef58640436e677ac9b9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:f1975242cf74fe2d6ab0908e04e4ea5b33c32e09112b7ef58640436e677ac9b9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8\u0026tag=2.2.11-4" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel8@sha256:b429f0c68834e5e6dd95e9b9396980ed789302e3ab756decf00a18d9bc94a74b_ppc64le", "product": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:b429f0c68834e5e6dd95e9b9396980ed789302e3ab756decf00a18d9bc94a74b_ppc64le", "product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:b429f0c68834e5e6dd95e9b9396980ed789302e3ab756decf00a18d9bc94a74b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/proxyv2-rhel8@sha256:b429f0c68834e5e6dd95e9b9396980ed789302e3ab756decf00a18d9bc94a74b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.2.11-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:f230fe266302fde1ec9e793e8598d34a8e6814ee1641eacfb526cf67badd6642_ppc64le", "product": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:f230fe266302fde1ec9e793e8598d34a8e6814ee1641eacfb526cf67badd6642_ppc64le", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:f230fe266302fde1ec9e793e8598d34a8e6814ee1641eacfb526cf67badd6642_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ratelimit-rhel8@sha256:f230fe266302fde1ec9e793e8598d34a8e6814ee1641eacfb526cf67badd6642?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.2.11-3" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": 
"product_version", "name": "openshift-service-mesh/istio-cni-rhel8@sha256:a22df732e77a5352f63c9043dc07d0ebc21aa13322d809d36c23967a748671bd_s390x", "product": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:a22df732e77a5352f63c9043dc07d0ebc21aa13322d809d36c23967a748671bd_s390x", "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:a22df732e77a5352f63c9043dc07d0ebc21aa13322d809d36c23967a748671bd_s390x", "product_identification_helper": { "purl": "pkg:oci/istio-cni-rhel8@sha256:a22df732e77a5352f63c9043dc07d0ebc21aa13322d809d36c23967a748671bd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.2.11-4" } } }, { "category": "product_version", "name": "openshift-service-mesh/grafana-rhel8@sha256:8c32a706594a914ea07519d8b8181af80d7d63f8ae16cdff00552e9bde3e04a4_s390x", "product": { "name": "openshift-service-mesh/grafana-rhel8@sha256:8c32a706594a914ea07519d8b8181af80d7d63f8ae16cdff00552e9bde3e04a4_s390x", "product_id": "openshift-service-mesh/grafana-rhel8@sha256:8c32a706594a914ea07519d8b8181af80d7d63f8ae16cdff00552e9bde3e04a4_s390x", "product_identification_helper": { "purl": "pkg:oci/grafana-rhel8@sha256:8c32a706594a914ea07519d8b8181af80d7d63f8ae16cdff00552e9bde3e04a4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.2.11-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8@sha256:e24e22e9155184d5140fb3bbea77ac91908505796f55811b4800e75445f7a20e_s390x", "product": { "name": "openshift-service-mesh/kiali-rhel8@sha256:e24e22e9155184d5140fb3bbea77ac91908505796f55811b4800e75445f7a20e_s390x", "product_id": "openshift-service-mesh/kiali-rhel8@sha256:e24e22e9155184d5140fb3bbea77ac91908505796f55811b4800e75445f7a20e_s390x", "product_identification_helper": { "purl": 
"pkg:oci/kiali-rhel8@sha256:e24e22e9155184d5140fb3bbea77ac91908505796f55811b4800e75445f7a20e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.48.10-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:8c93aafd4c2424e8cf5065aca72eae6b4fd13c701deccaa37f1c4bf241802dae_s390x", "product": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:8c93aafd4c2424e8cf5065aca72eae6b4fd13c701deccaa37f1c4bf241802dae_s390x", "product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:8c93aafd4c2424e8cf5065aca72eae6b4fd13c701deccaa37f1c4bf241802dae_s390x", "product_identification_helper": { "purl": "pkg:oci/istio-must-gather-rhel8@sha256:8c93aafd4c2424e8cf5065aca72eae6b4fd13c701deccaa37f1c4bf241802dae?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.2.11-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/pilot-rhel8@sha256:7a2cca59e90e285eccf4f0b46786c0e653dd803091a35c3a751d12bcffe8c817_s390x", "product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:7a2cca59e90e285eccf4f0b46786c0e653dd803091a35c3a751d12bcffe8c817_s390x", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:7a2cca59e90e285eccf4f0b46786c0e653dd803091a35c3a751d12bcffe8c817_s390x", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:7a2cca59e90e285eccf4f0b46786c0e653dd803091a35c3a751d12bcffe8c817?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.2.11-4" } } }, { "category": "product_version", "name": "openshift-service-mesh/prometheus-rhel8@sha256:5b4a6cfe137c2fc858609f5e0bd3305cd0c8f4ad054d601f603b9d39ce335144_s390x", "product": { "name": "openshift-service-mesh/prometheus-rhel8@sha256:5b4a6cfe137c2fc858609f5e0bd3305cd0c8f4ad054d601f603b9d39ce335144_s390x", "product_id": 
"openshift-service-mesh/prometheus-rhel8@sha256:5b4a6cfe137c2fc858609f5e0bd3305cd0c8f4ad054d601f603b9d39ce335144_s390x", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:5b4a6cfe137c2fc858609f5e0bd3305cd0c8f4ad054d601f603b9d39ce335144?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8\u0026tag=2.2.11-4" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel8@sha256:23478091aeaeb3d161af0925a9b51d8b9684d08e3b3ce28f46c922c99d454b43_s390x", "product": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:23478091aeaeb3d161af0925a9b51d8b9684d08e3b3ce28f46c922c99d454b43_s390x", "product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:23478091aeaeb3d161af0925a9b51d8b9684d08e3b3ce28f46c922c99d454b43_s390x", "product_identification_helper": { "purl": "pkg:oci/proxyv2-rhel8@sha256:23478091aeaeb3d161af0925a9b51d8b9684d08e3b3ce28f46c922c99d454b43?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.2.11-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:e99c2da16e42573a7684c7a36ba5eafbc58101ce25c321602bac9926f37a5a28_s390x", "product": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:e99c2da16e42573a7684c7a36ba5eafbc58101ce25c321602bac9926f37a5a28_s390x", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:e99c2da16e42573a7684c7a36ba5eafbc58101ce25c321602bac9926f37a5a28_s390x", "product_identification_helper": { "purl": "pkg:oci/ratelimit-rhel8@sha256:e99c2da16e42573a7684c7a36ba5eafbc58101ce25c321602bac9926f37a5a28?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.2.11-3" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": 
"openshift-service-mesh/grafana-rhel8@sha256:7f58375b39ee7ed44fb1bd351f55057929fe94cc973cfae52336a3a23245308a_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:7f58375b39ee7ed44fb1bd351f55057929fe94cc973cfae52336a3a23245308a_amd64" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:7f58375b39ee7ed44fb1bd351f55057929fe94cc973cfae52336a3a23245308a_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:8c32a706594a914ea07519d8b8181af80d7d63f8ae16cdff00552e9bde3e04a4_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:8c32a706594a914ea07519d8b8181af80d7d63f8ae16cdff00552e9bde3e04a4_s390x" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:8c32a706594a914ea07519d8b8181af80d7d63f8ae16cdff00552e9bde3e04a4_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:a43e967f356eb8c3dfa082752045b4f3d3e4accaf539825487c3d9dc222e89be_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:a43e967f356eb8c3dfa082752045b4f3d3e4accaf539825487c3d9dc222e89be_ppc64le" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:a43e967f356eb8c3dfa082752045b4f3d3e4accaf539825487c3d9dc222e89be_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:1be9910498fad81c5f75b549888a1848a72025de76c7077319d88c2c01810307_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": 
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:1be9910498fad81c5f75b549888a1848a72025de76c7077319d88c2c01810307_amd64" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:1be9910498fad81c5f75b549888a1848a72025de76c7077319d88c2c01810307_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:3acabc42f763763a0dd787b847b95cc851cfe1e8d0ef23e29149a406c926a5f1_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3acabc42f763763a0dd787b847b95cc851cfe1e8d0ef23e29149a406c926a5f1_ppc64le" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:3acabc42f763763a0dd787b847b95cc851cfe1e8d0ef23e29149a406c926a5f1_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:a22df732e77a5352f63c9043dc07d0ebc21aa13322d809d36c23967a748671bd_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a22df732e77a5352f63c9043dc07d0ebc21aa13322d809d36c23967a748671bd_s390x" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:a22df732e77a5352f63c9043dc07d0ebc21aa13322d809d36c23967a748671bd_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:1d4de29ba184fba74c0a20228f02731480e08804f173f04e1c23dba55811de32_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:1d4de29ba184fba74c0a20228f02731480e08804f173f04e1c23dba55811de32_ppc64le" }, "product_reference": 
"openshift-service-mesh/istio-must-gather-rhel8@sha256:1d4de29ba184fba74c0a20228f02731480e08804f173f04e1c23dba55811de32_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6a32af0e0ea904a63369444e1de9075941cda6268b6c1f3e129a2aafb2892efb_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:6a32af0e0ea904a63369444e1de9075941cda6268b6c1f3e129a2aafb2892efb_amd64" }, "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6a32af0e0ea904a63369444e1de9075941cda6268b6c1f3e129a2aafb2892efb_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:8c93aafd4c2424e8cf5065aca72eae6b4fd13c701deccaa37f1c4bf241802dae_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:8c93aafd4c2424e8cf5065aca72eae6b4fd13c701deccaa37f1c4bf241802dae_s390x" }, "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:8c93aafd4c2424e8cf5065aca72eae6b4fd13c701deccaa37f1c4bf241802dae_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8@sha256:957d12face152b24cf0dfbb965b3091ea75eb968e1041079986ac84ca39ed076_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:957d12face152b24cf0dfbb965b3091ea75eb968e1041079986ac84ca39ed076_amd64" }, "product_reference": "openshift-service-mesh/kiali-rhel8@sha256:957d12face152b24cf0dfbb965b3091ea75eb968e1041079986ac84ca39ed076_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", 
"full_product_name": { "name": "openshift-service-mesh/kiali-rhel8@sha256:d9dd763fbb43bd1db2b5c59a921b532d898dd2029c2d149fc6a3839546b30ed5_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:d9dd763fbb43bd1db2b5c59a921b532d898dd2029c2d149fc6a3839546b30ed5_ppc64le" }, "product_reference": "openshift-service-mesh/kiali-rhel8@sha256:d9dd763fbb43bd1db2b5c59a921b532d898dd2029c2d149fc6a3839546b30ed5_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8@sha256:e24e22e9155184d5140fb3bbea77ac91908505796f55811b4800e75445f7a20e_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:e24e22e9155184d5140fb3bbea77ac91908505796f55811b4800e75445f7a20e_s390x" }, "product_reference": "openshift-service-mesh/kiali-rhel8@sha256:e24e22e9155184d5140fb3bbea77ac91908505796f55811b4800e75445f7a20e_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:1233216c4378bcf01dc9673856d34439ad254f3fcdc1acb584d6abe4de550da8_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:1233216c4378bcf01dc9673856d34439ad254f3fcdc1acb584d6abe4de550da8_amd64" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:1233216c4378bcf01dc9673856d34439ad254f3fcdc1acb584d6abe4de550da8_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:319e5911c349cd8613d6a8b429b9402a7cebfcd0d7175e0bef449f0eb305643b_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": 
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:319e5911c349cd8613d6a8b429b9402a7cebfcd0d7175e0bef449f0eb305643b_ppc64le" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:319e5911c349cd8613d6a8b429b9402a7cebfcd0d7175e0bef449f0eb305643b_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:7a2cca59e90e285eccf4f0b46786c0e653dd803091a35c3a751d12bcffe8c817_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7a2cca59e90e285eccf4f0b46786c0e653dd803091a35c3a751d12bcffe8c817_s390x" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:7a2cca59e90e285eccf4f0b46786c0e653dd803091a35c3a751d12bcffe8c817_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/prometheus-rhel8@sha256:4a9dcc95179300d844f62e30f667965e62a86a850fd3417f422d2f72d5a8ccf5_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:4a9dcc95179300d844f62e30f667965e62a86a850fd3417f422d2f72d5a8ccf5_amd64" }, "product_reference": "openshift-service-mesh/prometheus-rhel8@sha256:4a9dcc95179300d844f62e30f667965e62a86a850fd3417f422d2f72d5a8ccf5_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/prometheus-rhel8@sha256:5b4a6cfe137c2fc858609f5e0bd3305cd0c8f4ad054d601f603b9d39ce335144_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:5b4a6cfe137c2fc858609f5e0bd3305cd0c8f4ad054d601f603b9d39ce335144_s390x" }, "product_reference": 
"openshift-service-mesh/prometheus-rhel8@sha256:5b4a6cfe137c2fc858609f5e0bd3305cd0c8f4ad054d601f603b9d39ce335144_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/prometheus-rhel8@sha256:f1975242cf74fe2d6ab0908e04e4ea5b33c32e09112b7ef58640436e677ac9b9_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f1975242cf74fe2d6ab0908e04e4ea5b33c32e09112b7ef58640436e677ac9b9_ppc64le" }, "product_reference": "openshift-service-mesh/prometheus-rhel8@sha256:f1975242cf74fe2d6ab0908e04e4ea5b33c32e09112b7ef58640436e677ac9b9_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:23478091aeaeb3d161af0925a9b51d8b9684d08e3b3ce28f46c922c99d454b43_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:23478091aeaeb3d161af0925a9b51d8b9684d08e3b3ce28f46c922c99d454b43_s390x" }, "product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:23478091aeaeb3d161af0925a9b51d8b9684d08e3b3ce28f46c922c99d454b43_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:7d529995fe3512ce543cc612717c8c7af34a57447620e5abd749de0456a30a47_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7d529995fe3512ce543cc612717c8c7af34a57447620e5abd749de0456a30a47_amd64" }, "product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:7d529995fe3512ce543cc612717c8c7af34a57447620e5abd749de0456a30a47_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift-service-mesh/proxyv2-rhel8@sha256:b429f0c68834e5e6dd95e9b9396980ed789302e3ab756decf00a18d9bc94a74b_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:b429f0c68834e5e6dd95e9b9396980ed789302e3ab756decf00a18d9bc94a74b_ppc64le" }, "product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:b429f0c68834e5e6dd95e9b9396980ed789302e3ab756decf00a18d9bc94a74b_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:0917002c2854e6161df80644db34e7908fd9522e56ab1a8e8865d0f4859c8880_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0917002c2854e6161df80644db34e7908fd9522e56ab1a8e8865d0f4859c8880_amd64" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:0917002c2854e6161df80644db34e7908fd9522e56ab1a8e8865d0f4859c8880_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:e99c2da16e42573a7684c7a36ba5eafbc58101ce25c321602bac9926f37a5a28_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:e99c2da16e42573a7684c7a36ba5eafbc58101ce25c321602bac9926f37a5a28_s390x" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:e99c2da16e42573a7684c7a36ba5eafbc58101ce25c321602bac9926f37a5a28_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:f230fe266302fde1ec9e793e8598d34a8e6814ee1641eacfb526cf67badd6642_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": 
"8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:f230fe266302fde1ec9e793e8598d34a8e6814ee1641eacfb526cf67badd6642_ppc64le" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:f230fe266302fde1ec9e793e8598d34a8e6814ee1641eacfb526cf67badd6642_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-39325", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-10-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2243296" } ], "notes": [ { "category": "description", "text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplexed stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 because the US Cybersecurity and Infrastructure Security Agency (CISA) has declared this vulnerability to be actively exploited.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. 
These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:7f58375b39ee7ed44fb1bd351f55057929fe94cc973cfae52336a3a23245308a_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:8c32a706594a914ea07519d8b8181af80d7d63f8ae16cdff00552e9bde3e04a4_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:a43e967f356eb8c3dfa082752045b4f3d3e4accaf539825487c3d9dc222e89be_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:1be9910498fad81c5f75b549888a1848a72025de76c7077319d88c2c01810307_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3acabc42f763763a0dd787b847b95cc851cfe1e8d0ef23e29149a406c926a5f1_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a22df732e77a5352f63c9043dc07d0ebc21aa13322d809d36c23967a748671bd_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:1d4de29ba184fba74c0a20228f02731480e08804f173f04e1c23dba55811de32_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:6a32af0e0ea904a63369444e1de9075941cda6268b6c1f3e129a2aafb2892efb_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:8c93aafd4c2424e8cf5065aca72eae6b4fd13c701deccaa37f1c4bf241802dae_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:957d12face152b24cf0dfbb965b3091ea75eb968e1041079986ac84ca39ed076_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:d9dd763fbb43bd1db2b5c59a921b532d898dd2029c2d149fc6a3839546b30ed5_ppc64le", 
"8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:e24e22e9155184d5140fb3bbea77ac91908505796f55811b4800e75445f7a20e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:1233216c4378bcf01dc9673856d34439ad254f3fcdc1acb584d6abe4de550da8_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:319e5911c349cd8613d6a8b429b9402a7cebfcd0d7175e0bef449f0eb305643b_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7a2cca59e90e285eccf4f0b46786c0e653dd803091a35c3a751d12bcffe8c817_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:4a9dcc95179300d844f62e30f667965e62a86a850fd3417f422d2f72d5a8ccf5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:5b4a6cfe137c2fc858609f5e0bd3305cd0c8f4ad054d601f603b9d39ce335144_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f1975242cf74fe2d6ab0908e04e4ea5b33c32e09112b7ef58640436e677ac9b9_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:23478091aeaeb3d161af0925a9b51d8b9684d08e3b3ce28f46c922c99d454b43_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7d529995fe3512ce543cc612717c8c7af34a57447620e5abd749de0456a30a47_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:b429f0c68834e5e6dd95e9b9396980ed789302e3ab756decf00a18d9bc94a74b_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0917002c2854e6161df80644db34e7908fd9522e56ab1a8e8865d0f4859c8880_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:e99c2da16e42573a7684c7a36ba5eafbc58101ce25c321602bac9926f37a5a28_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:f230fe266302fde1ec9e793e8598d34a8e6814ee1641eacfb526cf67badd6642_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-39325" }, { "category": "external", "summary": "RHBZ#2243296", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=2243296" }, { "category": "external", "summary": "RHSB-2023-003", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2023-44487", "url": "https://access.redhat.com/security/cve/CVE-2023-44487" }, { "category": "external", "summary": "https://go.dev/issue/63417", "url": "https://go.dev/issue/63417" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2023-2102", "url": "https://pkg.go.dev/vuln/GO-2023-2102" }, { "category": "external", "summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487" } ], "release_date": "2023-10-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-10-19T22:22:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:7f58375b39ee7ed44fb1bd351f55057929fe94cc973cfae52336a3a23245308a_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:8c32a706594a914ea07519d8b8181af80d7d63f8ae16cdff00552e9bde3e04a4_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:a43e967f356eb8c3dfa082752045b4f3d3e4accaf539825487c3d9dc222e89be_ppc64le", 
"8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:1be9910498fad81c5f75b549888a1848a72025de76c7077319d88c2c01810307_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3acabc42f763763a0dd787b847b95cc851cfe1e8d0ef23e29149a406c926a5f1_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a22df732e77a5352f63c9043dc07d0ebc21aa13322d809d36c23967a748671bd_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:1d4de29ba184fba74c0a20228f02731480e08804f173f04e1c23dba55811de32_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:6a32af0e0ea904a63369444e1de9075941cda6268b6c1f3e129a2aafb2892efb_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:8c93aafd4c2424e8cf5065aca72eae6b4fd13c701deccaa37f1c4bf241802dae_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:957d12face152b24cf0dfbb965b3091ea75eb968e1041079986ac84ca39ed076_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:d9dd763fbb43bd1db2b5c59a921b532d898dd2029c2d149fc6a3839546b30ed5_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:e24e22e9155184d5140fb3bbea77ac91908505796f55811b4800e75445f7a20e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:1233216c4378bcf01dc9673856d34439ad254f3fcdc1acb584d6abe4de550da8_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:319e5911c349cd8613d6a8b429b9402a7cebfcd0d7175e0bef449f0eb305643b_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7a2cca59e90e285eccf4f0b46786c0e653dd803091a35c3a751d12bcffe8c817_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:4a9dcc95179300d844f62e30f667965e62a86a850fd3417f422d2f72d5a8ccf5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:5b4a6cfe137c2fc858609f5e0bd3305cd0c8f4ad054d601f603b9d39ce335144_s390x", 
"8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f1975242cf74fe2d6ab0908e04e4ea5b33c32e09112b7ef58640436e677ac9b9_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:23478091aeaeb3d161af0925a9b51d8b9684d08e3b3ce28f46c922c99d454b43_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7d529995fe3512ce543cc612717c8c7af34a57447620e5abd749de0456a30a47_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:b429f0c68834e5e6dd95e9b9396980ed789302e3ab756decf00a18d9bc94a74b_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0917002c2854e6161df80644db34e7908fd9522e56ab1a8e8865d0f4859c8880_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:e99c2da16e42573a7684c7a36ba5eafbc58101ce25c321602bac9926f37a5a28_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:f230fe266302fde1ec9e793e8598d34a8e6814ee1641eacfb526cf67badd6642_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:5950" }, { "category": "workaround", "details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. 
This value may be adjusted using the Server.MaxConcurrentStreams setting and the ConfigureServer function, both of which are available in the golang.org/x/net/http2 package.", "product_ids": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:7f58375b39ee7ed44fb1bd351f55057929fe94cc973cfae52336a3a23245308a_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:8c32a706594a914ea07519d8b8181af80d7d63f8ae16cdff00552e9bde3e04a4_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:a43e967f356eb8c3dfa082752045b4f3d3e4accaf539825487c3d9dc222e89be_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:1be9910498fad81c5f75b549888a1848a72025de76c7077319d88c2c01810307_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3acabc42f763763a0dd787b847b95cc851cfe1e8d0ef23e29149a406c926a5f1_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a22df732e77a5352f63c9043dc07d0ebc21aa13322d809d36c23967a748671bd_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:1d4de29ba184fba74c0a20228f02731480e08804f173f04e1c23dba55811de32_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:6a32af0e0ea904a63369444e1de9075941cda6268b6c1f3e129a2aafb2892efb_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:8c93aafd4c2424e8cf5065aca72eae6b4fd13c701deccaa37f1c4bf241802dae_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:957d12face152b24cf0dfbb965b3091ea75eb968e1041079986ac84ca39ed076_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:d9dd763fbb43bd1db2b5c59a921b532d898dd2029c2d149fc6a3839546b30ed5_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:e24e22e9155184d5140fb3bbea77ac91908505796f55811b4800e75445f7a20e_s390x", 
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:1233216c4378bcf01dc9673856d34439ad254f3fcdc1acb584d6abe4de550da8_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:319e5911c349cd8613d6a8b429b9402a7cebfcd0d7175e0bef449f0eb305643b_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7a2cca59e90e285eccf4f0b46786c0e653dd803091a35c3a751d12bcffe8c817_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:4a9dcc95179300d844f62e30f667965e62a86a850fd3417f422d2f72d5a8ccf5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:5b4a6cfe137c2fc858609f5e0bd3305cd0c8f4ad054d601f603b9d39ce335144_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f1975242cf74fe2d6ab0908e04e4ea5b33c32e09112b7ef58640436e677ac9b9_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:23478091aeaeb3d161af0925a9b51d8b9684d08e3b3ce28f46c922c99d454b43_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7d529995fe3512ce543cc612717c8c7af34a57447620e5abd749de0456a30a47_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:b429f0c68834e5e6dd95e9b9396980ed789302e3ab756decf00a18d9bc94a74b_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0917002c2854e6161df80644db34e7908fd9522e56ab1a8e8865d0f4859c8880_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:e99c2da16e42573a7684c7a36ba5eafbc58101ce25c321602bac9926f37a5a28_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:f230fe266302fde1ec9e793e8598d34a8e6814ee1641eacfb526cf67badd6642_ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", 
"version": "3.1" }, "products": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:7f58375b39ee7ed44fb1bd351f55057929fe94cc973cfae52336a3a23245308a_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:8c32a706594a914ea07519d8b8181af80d7d63f8ae16cdff00552e9bde3e04a4_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:a43e967f356eb8c3dfa082752045b4f3d3e4accaf539825487c3d9dc222e89be_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:1be9910498fad81c5f75b549888a1848a72025de76c7077319d88c2c01810307_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3acabc42f763763a0dd787b847b95cc851cfe1e8d0ef23e29149a406c926a5f1_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:a22df732e77a5352f63c9043dc07d0ebc21aa13322d809d36c23967a748671bd_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:1d4de29ba184fba74c0a20228f02731480e08804f173f04e1c23dba55811de32_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:6a32af0e0ea904a63369444e1de9075941cda6268b6c1f3e129a2aafb2892efb_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:8c93aafd4c2424e8cf5065aca72eae6b4fd13c701deccaa37f1c4bf241802dae_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:957d12face152b24cf0dfbb965b3091ea75eb968e1041079986ac84ca39ed076_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:d9dd763fbb43bd1db2b5c59a921b532d898dd2029c2d149fc6a3839546b30ed5_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:e24e22e9155184d5140fb3bbea77ac91908505796f55811b4800e75445f7a20e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:1233216c4378bcf01dc9673856d34439ad254f3fcdc1acb584d6abe4de550da8_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:319e5911c349cd8613d6a8b429b9402a7cebfcd0d7175e0bef449f0eb305643b_ppc64le", 
"8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7a2cca59e90e285eccf4f0b46786c0e653dd803091a35c3a751d12bcffe8c817_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:4a9dcc95179300d844f62e30f667965e62a86a850fd3417f422d2f72d5a8ccf5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:5b4a6cfe137c2fc858609f5e0bd3305cd0c8f4ad054d601f603b9d39ce335144_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f1975242cf74fe2d6ab0908e04e4ea5b33c32e09112b7ef58640436e677ac9b9_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:23478091aeaeb3d161af0925a9b51d8b9684d08e3b3ce28f46c922c99d454b43_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:7d529995fe3512ce543cc612717c8c7af34a57447620e5abd749de0456a30a47_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:b429f0c68834e5e6dd95e9b9396980ed789302e3ab756decf00a18d9bc94a74b_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0917002c2854e6161df80644db34e7908fd9522e56ab1a8e8865d0f4859c8880_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:e99c2da16e42573a7684c7a36ba5eafbc58101ce25c321602bac9926f37a5a28_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:f230fe266302fde1ec9e793e8598d34a8e6814ee1641eacfb526cf67badd6642_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)" } ] }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.