VYPR

rpm package

opensuse/istioctl&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/istioctl&distro=openSUSE%20Tumbleweed

Vulnerabilities (8)

  • CVE-2025-68121 · Cri · Feb 5, 2026
    affected < 1.28.4-1.1 · fixed 1.28.4-1.1

    During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and

  • CVE-2025-61732 · Feb 5, 2026
    affected < 1.28.4-1.1 · fixed 1.28.4-1.1

    A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.

  • CVE-2025-62408 · Dec 8, 2025
    affected < 1.28.2-1.1 · fixed 1.28.2-1.1

    c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using read_answer() and process_answer(), which can cause a Denial of Service. This issue is fixed in version 1.34.6.

  • CVE-2025-62504 · Oct 16, 2025
    affected < 1.27.3-1.1 · fixed 1.27.3-1.1

    Envoy is an open source edge and service proxy. Envoy versions earlier than 1.36.2, 1.35.6, 1.34.10, and 1.33.12 contain a use-after-free vulnerability in the Lua filter. When a Lua script executing in the response phase rewrites a response body so that its size exceeds the confi

  • CVE-2025-62409 · Oct 16, 2025
    affected < 1.27.3-1.1 · fixed 1.27.3-1.1

    Envoy is a cloud-native, open source edge and service proxy. Prior to 1.36.1, 1.35.5, 1.34.9, and 1.33.10, large requests and responses can potentially trigger TCP connection pool crashes due to flow control management in Envoy. It will happen when the connection is closing but u

  • CVE-2025-30157 · Mar 21, 2025
    affected < 1.25.1-1.1 · fixed 1.25.1-1.1

    Envoy is a cloud-native high-performance edge/middle/service proxy. Prior to 1.33.1, 1.32.4, 1.31.6, and 1.30.10, Envoy's ext_proc HTTP filter is at risk of crashing if a local reply is sent to the external server due to the filter's lifetime issue. A known situation is the fail

  • CVE-2024-24791 · Hig · Jul 2, 2024
    affected < 1.22.3-1.1 · fixed 1.22.3-1.1

    The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the co

  • CVE-2024-39305 · Jul 1, 2024
    affected < 1.22.3-1.1 · fixed 1.22.3-1.1

    Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7, Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the eff