Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:33123 - Security Advisory
Issued:
2026-06-29
Updated:
2026-06-29

RHSA-2026:33123 - Security Advisory

  • Overview
  • Updated Images

Synopsis

Red Hat OpenShift Service Mesh 3.1.10

Type/Severity

Security Advisory: Important

Topic

Red Hat OpenShift Service Mesh 3.1.10

This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Service Mesh 3.1.10, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.

Security Fix(es):

  • CVE-2026-39820 openshift-golang-builder-container: Go net/mail: Denial of Service via crafted email inputs (OSSM-14266)
  • CVE-2026-42499 openshift-golang-builder-container: net/mail: Denial of Service via pathological email address parsing (OSSM-14501)
  • CVE-2026-33814 openshift-golang-builder-container: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame (OSSM-14549)
  • CVE-2026-33811 openshift-golang-builder-container: Go net package: Denial of Service via long CNAME response in LookupCNAME (OSSM-14562)

Solution

See Red Hat OpenShift Service Mesh 3.1.10 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1

Affected Products

  • Red Hat OpenShift Service Mesh

Fixes

(none)

CVEs

  • CVE-2026-33811
  • CVE-2026-33814
  • CVE-2026-39820
  • CVE-2026-42499

References

  • https://access.redhat.com/security/updates/classification/

amd64

registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd
registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837
registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd
registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068
registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6
registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3
registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27

arm64

registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6
registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e
registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68
registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5
registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87
registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0

ppc64le

registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f
registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71
registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566
registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255
registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810
registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca

s390x

registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c
registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9
registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc
registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19
registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425
registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility