Showing 1 - 3 of 3

CVE-2022-29225

Status Candidate

Overview

Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 secompressors accumulate decompressed data into an intermediate buffer before overwriting the body in the decode/encodeBody. This may allow an attacker to zip bomb the decompressor by sending a small highly compressed payload. Maliciously constructed zip files may exhaust system memory and cause a denial of service. Users are advised to upgrade. Users unable to upgrade may consider disabling decompression.

Related Files

Red Hat Security Advisory 2022-5004-01: Posted Jul 27, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5004-01 - Red Hat OpenShift Service Mesh is a Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the RPM packages for the release. Issues addressed include a bypass vulnerability.; tags | advisory, bypass; systems | linux, redhat; advisories | CVE-2022-23772, CVE-2022-23773, CVE-2022-23806, CVE-2022-29224, CVE-2022-29225, CVE-2022-29226, CVE-2022-29228, CVE-2022-31045; SHA-256 | 35a47e2ecff919e901f717a43ffc339e38e16f417ab570df07a79b36cf11b44b; Download | Favorite | View

Red Hat Security Advisory 2022-5003-01: Posted Jun 19, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5003-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the RPM packages for the release.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-29224, CVE-2022-29225; SHA-256 | 3e89f1b575c71b638c4fb2fb2ecb01028ffb26b3c3b4e8ddeef4458d8372083a; Download | Favorite | View

Red Hat Security Advisory 2022-5006-01: Posted Jun 19, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5006-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the RPM packages for the release. Issues addressed include a traversal vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2018-25032, CVE-2021-25219, CVE-2021-3634, CVE-2021-3737, CVE-2021-38185, CVE-2021-3981, CVE-2021-4189, CVE-2021-43813, CVE-2022-1154, CVE-2022-1271, CVE-2022-1650, CVE-2022-23772, CVE-2022-23773, CVE-2022-23806, CVE-2022-24675, CVE-2022-24785, CVE-2022-28327, CVE-2022-29224, CVE-2022-29225, CVE-2022-29226, CVE-2022-29228, CVE-2022-31045; SHA-256 | 6f6ba67471416e8a7e06343894cacbc3dcadc86799322067063a37ae1ba3d122; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 204 files
Ubuntu 73 files
Debian 21 files
tmrswrr 6 files
Ahmet Umit Bayram 6 files
Gentoo 5 files
ron190 5 files
Amit Roy 4 files
Furkan Eren Tetik 4 files
malvuln 3 files

File Archives

Systems

AIX (429)
Apple (2,089)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,065)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,505)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,086)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (16,114)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,587)
UNIX (9,420)
UnixWare (187)
Windows (6,664)
Other

CVE-2022-29225

Overview

Related Files

File Archive:

June 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems