RHEA-2019:3809

Description

Red Hat Enhancement Advisory: Red Hat OpenShift Service Mesh 1.0.2 RPMs

CVSS Metrics

• v3.0•HIGH•Score: 7.5CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Systems

• redhat•jaeger

  < 0:v1.13.1.redhat5-1.el7

• redhat•jaeger-operator

  < 0:v1.13.1.redhat8-1.el7

• redhat•kiali

  < 0:v1.0.7.redhat1-1.el7

• redhat•servicemesh

  < 0:1.0.2-3.el8

• redhat•servicemesh-citadel

  < 0:1.0.2-3.el8

• redhat•servicemesh-cni

  < 0:1.0.2-3.el8

• redhat•servicemesh-galley

  < 0:1.0.2-3.el8

• redhat•servicemesh-grafana

  < 0:6.2.2-24.el8

• redhat•servicemesh-grafana-prometheus

  < 0:6.2.2-24.el8

• redhat•servicemesh-istioctl

  < 0:1.0.2-3.el8

• redhat•servicemesh-mixc

  < 0:1.0.2-3.el8

• redhat•servicemesh-mixs

  < 0:1.0.2-3.el8

• redhat•servicemesh-operator

  < 0:1.0.2-7.el8

• redhat•servicemesh-pilot-agent

  < 0:1.0.2-3.el8

• redhat•servicemesh-pilot-discovery

  < 0:1.0.2-3.el8

• redhat•servicemesh-prometheus

  < 0:2.7.2-25.el8

• redhat•servicemesh-proxy

  < 0:1.0.2-3.el8

• redhat•servicemesh-sidecar-injector

  < 0:1.0.2-3.el8

References (8)

• https://access.redhat.com/errata/RHEA-2019:3809
• https://issues.redhat.com/browse/MAISTRA-947
• https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhea-2019_3809.json
• https://access.redhat.com/security/cve/CVE-2019-11253
• https://bugzilla.redhat.com/show_bug.cgi?id=1757701
• https://www.cve.org/CVERecord?id=CVE-2019-11253
• https://nvd.nist.gov/vuln/detail/CVE-2019-11253
• https://www.stackrox.com/post/2019/09/protecting-kubernetes-api-against-cve-2019-11253-billion-laughs-attack/