VDB
RHEA-2019%3A3809
RHEA-2019%3A3809
PUBLISHED
CVSS 7.5 HIGH
Red Hat Enhancement Advisory: Red Hat OpenShift Service Mesh 1.0.2 RPMs
Risk Scores
CVSS 3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat:service_mesh:1.0::el8 | servicemesh-sidecar-injector | 0, 0 |
| Red Hat:service_mesh:1.0::el8 | servicemesh-mixc | 0, 0 |
| Red Hat:service_mesh:1.0::el8 | servicemesh-prometheus | 0, 0 |
| Red Hat:service_mesh:1.0::el8 | servicemesh-proxy | 0, 0 |
| Red Hat:service_mesh:1.0::el8 | servicemesh-mixs | 0, 0 |
| Red Hat:service_mesh:1.0::el7 | kiali | 0, 0 |
| Red Hat:service_mesh:1.0::el8 | servicemesh-galley | 0, 0 |
| Red Hat:service_mesh:1.0::el7 | jaeger | 0, 0 |
| Red Hat:service_mesh:1.0::el7 | jaeger-operator | 0, 0 |
| Red Hat:service_mesh:1.0::el8 | servicemesh-grafana | 0, 0 |
| Red Hat:service_mesh:1.0::el8 | servicemesh-operator | 0, 0 |
| Red Hat:service_mesh:1.0::el8 | servicemesh-cni | 0, 0 |
| Red Hat:service_mesh:1.0::el8 | servicemesh-citadel | 0, 0 |
| Red Hat:service_mesh:1.0::el8 | servicemesh-pilot-agent | 0, 0 |
| Red Hat:service_mesh:1.0::el8 | servicemesh-grafana-prometheus | 0, 0 |
| Red Hat:service_mesh:1.0::el8 | servicemesh | 0, 0 |
| Red Hat:service_mesh:1.0::el8 | servicemesh-pilot-discovery | 0, 0 |
| Red Hat:service_mesh:1.0::el8 | servicemesh-istioctl | 0, 0 |
Exploit Intelligence
- CVE.json (github-poc)
- CVE.json (github-poc)
- .trivyignore.yaml (github-poc)
- .trivyignore.yaml (github-poc)
- Nuclei Template: CVE-2019-11253 (nuclei-template)
- Nuclei Template: CVE-2019-11253 (nuclei-template)
Timeline
- Nov 7, 2019 CVE Published
- Mar 2, 2026 CVE Updated
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHEA-2019:3809 advisory
- https://issues.redhat.com/browse/MAISTRA-947 article
- https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhea-2019_3809.json advisory
- https://access.redhat.com/security/cve/CVE-2019-11253 report
- https://bugzilla.redhat.com/show_bug.cgi?id=1757701 report
- https://www.cve.org/CVERecord?id=CVE-2019-11253 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2019-11253 advisory
- https://www.stackrox.com/post/2019/09/protecting-kubernetes-api-against-cve-2019-11253-billion-laughs-attack/ article