Issued:: 2026-06-16
Updated:: 2026-06-16

RHSA-2026:26210 - Security Advisory

Overview

Synopsis

Red Hat OpenShift Service Mesh 3.0.12

Type/Severity

Security Advisory: Important

Topic

Red Hat OpenShift Service Mesh 3.0.12

This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Service Mesh 3.0.12, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.

Security Fix(es):

openshift-service-mesh/istio-proxyv2-rhel9: envoy: HTTP/2 Remote Denial of Service via HPACK compression bomb and Slowloris-style attack (CVE-2026-47774)

Solution

See Red Hat OpenShift Service Mesh 3.0.12 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0

Affected Products

Red Hat OpenShift Service Mesh

Fixes

(none)

CVEs

CVE-2026-47774

References

https://access.redhat.com/security/updates/classification/

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

RHSA-2026:26210 - Security Advisory

Synopsis

Type/Severity

Topic

Description

Solution

Affected Products

Fixes

CVEs

References

Quick Links

Help

Site Info

Related Sites

Red Hat legal and privacy links

Red Hat legal and privacy links