servicemesh-istioctl vulnerabilities

Known vulnerabilities in the servicemesh-istioctl package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Open Redirect	<0:1.1.6-1.el8
C Improperly Implemented Security Check for Standard	<0:1.0.3-1.el8
C Improper Access Control	<0:1.0.3-1.el8
C Incorrect Calculation of Buffer Size	<0:1.0.3-1.el8
M Information Exposure	*
M Information Exposure	*
H Incorrect Authorization	<0:2.0.4-1.el8
H Incorrect Authorization	<0:1.1.14-1.el8
H Incorrect Authorization	<0:2.0.4-1.el8
H Incorrect Authorization	<0:1.1.14-1.el8
H Resource Exhaustion	<0:1.1.0-5.el8
H Incorrect Regular Expression	<0:1.1.0-5.el8
H Incorrect Authorization	<0:1.1.15-4.el8
H Incorrect Authorization	<0:2.0.5-3.el8
M Improper Access Control	<0:1.1.7-1.el8
H Incorrect Authorization	<0:1.1.17-3.el8
H Incorrect Authorization	<0:2.0.7-3.el8
H Incorrect Authorization	<0:1.1.17-3.el8
H Incorrect Authorization	<0:2.0.7-3.el8
H NULL Pointer Dereference	<0:2.0.7-3.el8
H NULL Pointer Dereference	<0:1.1.17-3.el8
H Incorrect Authorization	<0:1.1.17-3.el8
H Incorrect Authorization	<0:2.0.7-3.el8
H Incorrect Authorization	<0:2.0.7-3.el8
H Incorrect Authorization	<0:1.1.17-3.el8
M Out-of-bounds Read	*
H Improper Authentication	<0:2.0.9-3.el8
H Resource Exhaustion	<0:2.0.9-3.el8
H Always-Incorrect Control Flow Implementation	<0:2.0.9-3.el8
H Time-of-check Time-of-use (TOCTOU)	<0:2.0.9-3.el8
H Use After Free	<0:2.0.9-3.el8
H Use After Free	<0:2.0.9-3.el8
H NULL Pointer Dereference	<0:2.0.9-3.el8
H Resource Exhaustion	<0:2.0.9-3.el8
M Improper Access Control	*
M Improper Access Control	*
H Allocation of Resources Without Limits or Throttling	<0:2.0.9-3.el8
M Incorrect Authorization	*
M Incorrect Authorization	*
M Always-Incorrect Control Flow Implementation	*
M Always-Incorrect Control Flow Implementation	*
M Directory Traversal	*
H Improper Validation of Array Index	<0:2.0.9-3.el8
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:2.0.9-3.el8
M Improper Input Validation	<0:1.1.6-1.el8
H Resource Exhaustion	<0:1.0.2-3.el8
M Improper Input Validation	*
L Insufficient Entropy	*
M Integer Overflow or Wraparound	*
M Buffer Overflow	*
M Missing Release of Resource after Effective Lifetime	*
M Use of a Broken or Risky Cryptographic Algorithm	*
M Resource Exhaustion	*
M Incorrect Authorization	*
M Integer Overflow or Wraparound	*
M Information Exposure	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Resource Exhaustion	*
H Race Condition	<0:2.0.9-3.el8
H Improper Input Validation	<0:2.0.9-3.el8
M Resource Exhaustion	*
M Improper Input Validation	*
M Improper Input Validation	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.1.6-1.el8
M Incorrect Calculation	*
M Incorrect Calculation	*
M Incorrect Calculation	*
M Cross-site Scripting (XSS)	<0:1.1.6-1.el8
H NULL Pointer Dereference	*
M Improper Certificate Validation	*
M Improper Certificate Validation	*
M Improper Certificate Validation	*
L Race Condition	<0:1.1.11-2.el8
L Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.1.11-2.el8
H Resource Exhaustion	<0:1.0.1-8.el8
H Resource Exhaustion	<0:1.0.1-8.el8
M Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Improper Input Validation	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Improper Handling of Length Parameter Inconsistency	<0:1.1.6-1.el8
H Improper Validation of Array Index	<0:2.0.9-3.el8
H Improper Validation of Array Index	<0:2.0.9-3.el8

Vulnerability

Vulnerable Version

Open Redirect

<0:1.1.6-1.el8

Improperly Implemented Security Check for Standard

<0:1.0.3-1.el8

Improper Access Control

<0:1.0.3-1.el8

Incorrect Calculation of Buffer Size

<0:1.0.3-1.el8

Information Exposure