VDB

RHSA-2022%3A5006

RHSA-2022%3A5006 PUBLISHED CVSS 9.300000190734863 CRITICAL

A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website.

Risk Scores

CVSS 3.1
9.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

Affected Products

VendorProductVersions
Red Hatopenshift-service-mesh/ratelimit-rhel8@sha256:400e8ea6ad46cae63b321bad3e8ca30189c9d5b0713e2c0c2cf1ca811f959ad1_s390x as a component of OpenShift Service Mesh 2.1*
Red Hatopenshift-service-mesh/istio-cni-rhel8@sha256:d35bf874ea380d8bb261dcd44acc097cfbe30a5116b1b5270345f823b08f5c6a_ppc64le as a component of OpenShift Service Mesh 2.1openshift-service-mesh/istio-cni-rhel8@sha256:d35bf874ea380d8bb261dcd44acc097cfbe30a5116b1b5270345f823b08f5c6a_ppc64le
Red Hatopenshift-service-mesh/kiali-rhel8@sha256:24bf5471e8b80ecc7e7bf78697ffdeb11f9aef24dfcc1e9a70002d8595058c53_s390x as a component of OpenShift Service Mesh 2.1openshift-service-mesh/kiali-rhel8@sha256:24bf5471e8b80ecc7e7bf78697ffdeb11f9aef24dfcc1e9a70002d8595058c53_s390x
Red Hatopenshift-service-mesh/grafana-rhel8@sha256:80f846861ea0da09cfdceaf88febad3fcc81a3fbcaf152c864c0178b46da99af_amd64 as a component of OpenShift Service Mesh 2.1openshift-service-mesh/grafana-rhel8@sha256:80f846861ea0da09cfdceaf88febad3fcc81a3fbcaf152c864c0178b46da99af_amd64
Red Hatopenshift-service-mesh/kiali-rhel8-operator@sha256:6d6a35aa10dc35bafc4dc1ba84f7490e2c81515af7d55e394c50061adbab73f8_s390x as a component of OpenShift Service Mesh 2.1openshift-service-mesh/kiali-rhel8-operator@sha256:6d6a35aa10dc35bafc4dc1ba84f7490e2c81515af7d55e394c50061adbab73f8_s390x
Red Hatopenshift-service-mesh/proxyv2-rhel8@sha256:915caeda1e92378cf59087213301ca07234570ae04561b9de19196bbf29475e4_ppc64le as a component of OpenShift Service Mesh 2.1*
Red Hatopenshift-service-mesh/kiali-rhel8@sha256:180a8353d6c49ae0683c9503bca87fa63bb770f7f21eb4b7132221635a54e76a_amd64 as a component of OpenShift Service Mesh 2.1openshift-service-mesh/kiali-rhel8@sha256:180a8353d6c49ae0683c9503bca87fa63bb770f7f21eb4b7132221635a54e76a_amd64
Red Hatopenshift-service-mesh/kiali-rhel8@sha256:24bf5471e8b80ecc7e7bf78697ffdeb11f9aef24dfcc1e9a70002d8595058c53_s390x as a component of OpenShift Service Mesh 2.1openshift-service-mesh/kiali-rhel8@sha256:24bf5471e8b80ecc7e7bf78697ffdeb11f9aef24dfcc1e9a70002d8595058c53_s390x
Red Hatopenshift-service-mesh/prometheus-rhel8@sha256:dd85b4878cae2830db264bb7c01230fde316a0de8e5385ca9ea5a454156a4093_ppc64le as a component of OpenShift Service Mesh 2.1openshift-service-mesh/prometheus-rhel8@sha256:dd85b4878cae2830db264bb7c01230fde316a0de8e5385ca9ea5a454156a4093_ppc64le
Red Hatopenshift-service-mesh/kiali-rhel8@sha256:b8dcb96c7f8fb1668b5ddcc8fd96e5f252ca351b128160362f188d77df24a3c9_ppc64le as a component of OpenShift Service Mesh 2.1openshift-service-mesh/kiali-rhel8@sha256:b8dcb96c7f8fb1668b5ddcc8fd96e5f252ca351b128160362f188d77df24a3c9_ppc64le
Red Hatopenshift-service-mesh/istio-must-gather-rhel8@sha256:59318d17b29c8b1e6b2edb177a116b41ccebd935c6a4a0a64e2683080ee06151_s390x as a component of OpenShift Service Mesh 2.1openshift-service-mesh/istio-must-gather-rhel8@sha256:59318d17b29c8b1e6b2edb177a116b41ccebd935c6a4a0a64e2683080ee06151_s390x
Red Hatopenshift-service-mesh/istio-must-gather-rhel8@sha256:2a82697fb50eaea57e19a3306bdeeb500194ad2209307818e4a30e3e104efb53_amd64 as a component of OpenShift Service Mesh 2.1*
Red Hatopenshift-service-mesh/grafana-rhel8@sha256:80f846861ea0da09cfdceaf88febad3fcc81a3fbcaf152c864c0178b46da99af_amd64 as a component of OpenShift Service Mesh 2.1openshift-service-mesh/grafana-rhel8@sha256:80f846861ea0da09cfdceaf88febad3fcc81a3fbcaf152c864c0178b46da99af_amd64
Red Hatopenshift-service-mesh/ratelimit-rhel8@sha256:811afd6e88b72f09a091ba5304891c88afd968ddbe634622257c752374747c85_ppc64le as a component of OpenShift Service Mesh 2.1openshift-service-mesh/ratelimit-rhel8@sha256:811afd6e88b72f09a091ba5304891c88afd968ddbe634622257c752374747c85_ppc64le
Red Hatopenshift-service-mesh/istio-rhel8-operator@sha256:2bd7402728aed0af2359038c4ec30dd82f74024a34fabc07ec92f91ec38bbb58_s390x as a component of OpenShift Service Mesh 2.1*
Red Hatopenshift-service-mesh/prometheus-rhel8@sha256:dd85b4878cae2830db264bb7c01230fde316a0de8e5385ca9ea5a454156a4093_ppc64le as a component of OpenShift Service Mesh 2.1openshift-service-mesh/prometheus-rhel8@sha256:dd85b4878cae2830db264bb7c01230fde316a0de8e5385ca9ea5a454156a4093_ppc64le
Red Hatopenshift-service-mesh/istio-rhel8-operator@sha256:2bd7402728aed0af2359038c4ec30dd82f74024a34fabc07ec92f91ec38bbb58_s390x as a component of OpenShift Service Mesh 2.1*
Red Hatopenshift-service-mesh/prometheus-rhel8@sha256:a0faa36376620395fda20353f55dc99fe818883b6d90dba7160288498efa26aa_s390x as a component of OpenShift Service Mesh 2.1openshift-service-mesh/prometheus-rhel8@sha256:a0faa36376620395fda20353f55dc99fe818883b6d90dba7160288498efa26aa_s390x
Red Hatopenshift-service-mesh/proxyv2-rhel8@sha256:915caeda1e92378cf59087213301ca07234570ae04561b9de19196bbf29475e4_ppc64le as a component of OpenShift Service Mesh 2.1*
Red Hatopenshift-service-mesh/kiali-rhel8-operator@sha256:3a603914d980b7f50e587ae778ca80ef3ecd8c802dc94ee4045c3b79c8f3fccb_ppc64le as a component of OpenShift Service Mesh 2.1openshift-service-mesh/kiali-rhel8-operator@sha256:3a603914d980b7f50e587ae778ca80ef3ecd8c802dc94ee4045c3b79c8f3fccb_ppc64le

…and 40 more

Timeline

  • Jun 13, 2022 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 30, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›