Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:33142 - Security Advisory
Issued:
2026-06-29
Updated:
2026-06-29

RHSA-2026:33142 - Security Advisory

  • Overview
  • Updated Images

Synopsis

Red Hat OpenShift Service Mesh 3.2.7

Type/Severity

Security Advisory: Important

Topic

Red Hat OpenShift Service Mesh 3.2.7

This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Service Mesh 3.2.7, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.
Security Fix(es):

  • CVE-2026-39820 openshift-golang-builder-container: Go net/mail: Denial of Service via crafted email inputs (OSSM-14267)
  • CVE-2026-33814 openshift-golang-builder-container: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame (OSSM-14551)
  • CVE-2026-42499 openshift-golang-builder-container: net/mail: Denial of Service via pathological email address parsing (OSSM-14499)
  • CVE-2026-33811 openshift-golang-builder-container: Go net package: Denial of Service via long CNAME response in LookupCNAME (OSSM-14566)

Solution

See Red Hat OpenShift Service Mesh 3.2.7 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2

Affected Products

  • Red Hat OpenShift Service Mesh

Fixes

(none)

CVEs

  • CVE-2026-33811
  • CVE-2026-33814
  • CVE-2026-39820
  • CVE-2026-42499

References

  • https://access.redhat.com/security/updates/classification/

amd64

registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39
registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7
registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c
registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65
registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5
registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375
registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a

arm64

registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118
registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b
registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772
registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2
registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e
registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d

ppc64le

registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2
registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65
registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad
registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d
registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9
registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b

s390x

registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e
registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af
registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02
registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248
registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f
registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility