Service Mesh Red Hat Service Mesh

Recent Red Hat Service Mesh Security Advisories

Advisory | Title | Published
RHSA-2025:3922 | Moderate: Red Hat OpenShift Service Mesh Containers for 2.5.10 | April 15, 2025
RHSA-2025:1053 | Important: Red Hat OpenShift Service Mesh Containers for 2.6.5 | February 5, 2025
RHSA-2025:1051 | Important: Red Hat OpenShift Service Mesh Containers for 2.5.8 | February 5, 2025
RHSA-2025:1050 | Important: Red Hat OpenShift Service Mesh Containers for 2.4.14 | February 5, 2025
RHSA-2024:10908 | Moderate: Red Hat OpenShift Service Mesh Containers for 2.5.7 | December 10, 2024
RHSA-2024:10907 | Low: Red Hat OpenShift Service Mesh Containers for 2.4.13 | December 10, 2024
RHSA-2024:9629 | Important: Red Hat OpenShift Service Mesh Containers for 2.5.6 | November 14, 2024
RHSA-2024:9627 | Moderate: Red Hat OpenShift Service Mesh Containers for 2.6.3 | November 14, 2024
RHSA-2024:7726 | Important: Red Hat OpenShift Service Mesh Containers for 2.6.2 | October 7, 2024
RHSA-2024:7725 | Important: Red Hat OpenShift Service Mesh Containers for 2.5.5 | October 7, 2024

By the Year

In 2025 there have been 3 vulnerabilities in Red Hat Service Mesh with an average score of 4.9 out of ten.

Year | Vulnerabilities | Average Score
2025 | 3 | 4.93

It may take a day or so for new Service Mesh vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Red Hat Service Mesh Security Vulnerabilities

Supabase Live Query Bypass Lets Guest Users Access Unauthorized Data
CVE-2025-11060 5.7 - Medium - September 26, 2025

A flaw was found in the live query subscription mechanism of the database engine. This vulnerability allows record or guest users to observe unauthorized records within the same table, bypassing access controls, via crafted LIVE SELECT subscriptions when other users alter or delete records.

AuthZ

CIRCL FourQ RCE via Low-Order Point Injection in Diffie-Hellman
CVE-2025-8556 3.7 - Low - August 06, 2025

A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.

Improper Verification of Cryptographic Signature

serialize-javascript XSS via unsanitized regex input
CVE-2024-11831 5.4 - Medium - February 10, 2025

A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.

XSS
