Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2026-23766

Опубликовано: 15 янв. 2026
Источник: redhat

Описание

No description is available for this CVE.

Отчет

This CVE has been marked as Rejected by the assigning CNA.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
cert-manager Operator for Red Hat OpenShiftcert-manager/cert-manager-istio-csr-rhel9Fix deferred
cert-manager Operator for Red Hat OpenShiftcert-manager/cert-manager-operator-bundleFix deferred
cert-manager Operator for Red Hat OpenShiftcert-manager/cert-manager-operator-rhel9Fix deferred
cert-manager Operator for Red Hat OpenShiftcert-manager/jetstack-cert-manager-acmesolver-rhel9Fix deferred
cert-manager Operator for Red Hat OpenShiftcert-manager/jetstack-cert-manager-rhel9Fix deferred
ExternalDNS Operatoredo/external-dns-rhel8Fix deferred
ExternalDNS Operatoredo/external-dns-rhel9Fix deferred
OpenShift Serverlessopenshift-serverless-1/kn-eventing-istio-controller-rhel9Fix deferred
OpenShift Serverlessopenshift-serverless-1/net-istio-controller-rhel9Fix deferred
OpenShift Serverlessopenshift-serverless-1/net-istio-webhook-rhel9Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Дефект:
CWE-88
https://bugzilla.redhat.com/show_bug.cgi?id=2430117istio: Istio: Firewall rule injection via annotation allows limited integrity impact

Связанные уязвимости

nvd логотип

CVE-2026-23766

nvd
2 месяца назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

github логотип

GHSA-rxpp-hm83-q524

CVSS3: 4.1
github
2 месяца назад

Istio through 1.28.2 allows iptables rule injection for changing firewall behavior via the traffic.sidecar.istio.io/excludeInterfaces annotation. NOTE: the reporter's position is "this doesn't represent a security vulnerability (pod creators can already exclude sidecar injection entirely)."