Homepage

openshift-service-mesh/istio-operator-bundle

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the openshift-service-mesh/istio-operator-bundle package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
Information Exposure

*
  • L
Authentication Bypass by Primary Weakness

*
  • L
Improper Certificate Validation

*
  • L
Information Exposure

*
  • M
Improper Certificate Validation

*
  • M
Improper Certificate Validation

*
  • L
Improperly Implemented Security Check for Standard

*
  • L
Improper Certificate Validation

*
  • M
Improper Certificate Validation

*
  • L
Information Exposure

*
  • L
Authentication Bypass by Primary Weakness

*
  • L
Improperly Implemented Security Check for Standard

*
  • L
Improperly Implemented Security Check for Standard

*
  • L
Improper Certificate Validation

*
  • L
Authentication Bypass by Primary Weakness

*
  • L
Improperly Implemented Security Check for Standard

*
  • L
Improper Certificate Validation

*
  • L
Information Exposure

*
  • L
Authentication Bypass by Primary Weakness

*
  • M
Improper Certificate Validation

*
  • L
Improperly Implemented Security Check for Standard

*
  • L
Improper Certificate Validation

*
  • L
Information Exposure

*
  • M
Improper Certificate Validation

*
  • L
Authentication Bypass by Primary Weakness

*
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Creation of Temporary File in Directory with Incorrect Permissions

*
  • H
Directory Traversal

*
  • M
Creation of Temporary File in Directory with Incorrect Permissions

*
  • M
Creation of Temporary File in Directory with Incorrect Permissions

*
  • M
Creation of Temporary File in Directory with Incorrect Permissions

*
  • M
Creation of Temporary File in Directory with Incorrect Permissions

*
  • H
Directory Traversal

*
  • H
Directory Traversal

*
  • H
Directory Traversal

*
  • H
Directory Traversal

*
  • H
Deserialization of Untrusted Data

*
  • H
Deserialization of Untrusted Data

*
  • H
Deserialization of Untrusted Data

*
  • H
Deserialization of Untrusted Data

*
  • H
Deserialization of Untrusted Data

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • L
Arbitrary Argument Injection

*
  • L
Arbitrary Argument Injection

*
  • L
Arbitrary Argument Injection

*
  • L
Arbitrary Argument Injection

*
  • L
Arbitrary Argument Injection

*
  • M
CVE-2026-0858

*
  • M
CVE-2026-0858

*
  • M
CVE-2026-0858

*
  • M
CVE-2026-0858

*
  • M
CVE-2026-0858

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

*
  • M
Link Following

*
  • M
Incomplete Blacklist

*
  • M
Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element

*
  • M
Incomplete Blacklist

*
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

*
  • M
Link Following

*
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

*
  • M
Incomplete Blacklist

*
  • M
Link Following

*
  • M
Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element

*
  • M
Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element

*
  • M
Link Following

*
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

*
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

*
  • M
Incomplete Blacklist

*
  • M
Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element

*
  • M
Link Following

*
  • M
Incomplete Blacklist

*
  • M
Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • L
HTTP Request Smuggling

*
  • L
Logging of Excessive Data

*
  • M
HTTP Request Smuggling

*
  • L
Logging of Excessive Data

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Directory Traversal

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Directory Traversal

*
  • M
HTTP Request Smuggling

*
  • L
Logging of Excessive Data

*
  • L
Logging of Excessive Data

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
HTTP Request Smuggling

*
  • M
Directory Traversal

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Directory Traversal

*
  • M
HTTP Request Smuggling

*
  • L
Logging of Excessive Data

*
  • L
HTTP Request Smuggling

*
  • M
Directory Traversal

*
  • L
HTTP Request Smuggling

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • L
HTTP Request Smuggling

*
  • L
HTTP Request Smuggling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
HTTP Request Smuggling

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • L
Inefficient Regular Expression Complexity

*
  • L
Inefficient Regular Expression Complexity

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • L
Inefficient Regular Expression Complexity

*
  • L
Inefficient Regular Expression Complexity

*
  • M
Improper Authentication

*
  • M
Improper Authentication

*
  • M
Protection Mechanism Failure

*
  • M
Protection Mechanism Failure

*
  • M
Improper Authentication

*
  • M
Improper Authentication

*
  • M
Improper Authentication

*
  • M
Protection Mechanism Failure

*
  • M
Protection Mechanism Failure

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
Protection Mechanism Failure

*
  • L
Inefficient Regular Expression Complexity

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Missing Reference to Active Allocated Resource

*
  • M
Missing Reference to Active Allocated Resource

*
  • M
Missing Reference to Active Allocated Resource

*
  • M
Missing Reference to Active Allocated Resource

*
  • M
Missing Reference to Active Allocated Resource

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Uncaught Exception

*
  • M
Uncaught Exception

*
  • M
Uncaught Exception

*
  • M
Uncaught Exception

*
  • M
Uncaught Exception

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

*
  • M
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

*
  • M
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

*
  • M
Open Redirect

*
  • M
Open Redirect

*
  • M
Open Redirect

*
  • M
Open Redirect

*
  • M
Open Redirect

*
  • M
NULL Pointer Dereference

*
  • M
NULL Pointer Dereference

*
  • M
NULL Pointer Dereference

*
  • M
NULL Pointer Dereference

*
  • M
NULL Pointer Dereference

*
  • M
Expired Pointer Dereference

*
  • M
Expired Pointer Dereference

*
  • M
Expired Pointer Dereference

*
  • M
Expired Pointer Dereference

*
  • M
Expired Pointer Dereference

*
  • M
Reachable Assertion

*
  • M
Reachable Assertion

*
  • M
Reachable Assertion

*
  • M
Reachable Assertion

*
  • M
Reachable Assertion

*
  • M
HTTP Request Smuggling

*
  • M
HTTP Request Smuggling

*
  • M
HTTP Request Smuggling

*
  • M
HTTP Request Smuggling

*
  • M
HTTP Request Smuggling

*