VulnerableCode Package Details - pkg:rpm/redhat/servicemesh@2.1.3-1?arch=el8

Search for packages

Vulnerability	Summary	Fixed by
VCID-4pue-fbre-zfcf Aliases: CVE-2022-23806	Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.	There are no reported fixed by versions.
VCID-835d-4cep-d3ff Aliases: CVE-2022-23772	Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.	There are no reported fixed by versions.
VCID-qjp3-nxby-1yew Aliases: CVE-2022-31045 GHSA-xwx5-5c9g-x68x	Ill-formed headers may lead to unexpected behavior in Istio ### Impact Ill-formed headers sent to Envoy in certain configurations can lead to unexpected memory access resulting in undefined behavior or crashing. You are at most risk if you have an Istio ingress Gateway exposed to external traffic. ### Patches 1.12.8, 1.13.5, 1.14.1 ### Workarounds No. ### References More details can be found in the [Istio Security Bulletin](https://istio.io/latest/news/security/istio-security-2022-05) ### For more information If you have any questions or comments about this advisory, please email us at [istio-security-vulnerability-reports@googlegroups.com](mailto:istio-security-vulnerability-reports@googlegroups.com)	There are no reported fixed by versions.
VCID-z5x6-xqtc-q3at Aliases: CVE-2022-23773	Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-4pue-fbre-zfcf
Aliases:
CVE-2022-23806

Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.

There are no reported fixed by versions.

VCID-835d-4cep-d3ff
Aliases:
CVE-2022-23772

Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.

There are no reported fixed by versions.

VCID-qjp3-nxby-1yew
Aliases:
CVE-2022-31045
GHSA-xwx5-5c9g-x68x

Ill-formed headers may lead to unexpected behavior in Istio ### Impact Ill-formed headers sent to Envoy in certain configurations can lead to unexpected memory access resulting in undefined behavior or crashing. You are at most risk if you have an Istio ingress Gateway exposed to external traffic. ### Patches 1.12.8, 1.13.5, 1.14.1 ### Workarounds No. ### References More details can be found in the [Istio Security Bulletin](https://istio.io/latest/news/security/istio-security-2022-05) ### For more information If you have any questions or comments about this advisory, please email us at [istio-security-vulnerability-reports@googlegroups.com](mailto:istio-security-vulnerability-reports@googlegroups.com)

There are no reported fixed by versions.

VCID-z5x6-xqtc-q3at
Aliases:
CVE-2022-23773

Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:59:51.831928+00:00	RedHat Importer	Affected by	VCID-835d-4cep-d3ff	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23772.json	38.0.0
2026-04-01T13:59:39.891699+00:00	RedHat Importer	Affected by	VCID-z5x6-xqtc-q3at	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23773.json	38.0.0
2026-04-01T13:59:39.400436+00:00	RedHat Importer	Affected by	VCID-4pue-fbre-zfcf	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23806.json	38.0.0
2026-04-01T13:58:11.970394+00:00	RedHat Importer	Affected by	VCID-qjp3-nxby-1yew	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31045.json	38.0.0