Issued:: 2025-12-09
Updated:: 2025-12-09

RHSA-2025:22939 - Red Hat OpenShift Service Mesh 3.0.7

Synopsis

Red Hat OpenShift Service Mesh 3.0.7

Type/Severity

Security Advisory Low

Topic

Red Hat OpenShift Service Mesh 3.0.7

Description

Red Hat OpenShift Service Mesh 3.0.7, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.

Security Fix(es):

istio-proxyv2-rhel9: AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections (CVE-2025-53643)

Solution

See Red Hat OpenShift Service Mesh 3.0.7 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0

Affected Products

Product	Version	Arch
Red Hat OpenShift Service Mesh	3	x86_64

Fixes

(none)

CVEs

(none)

References

https://access.redhat.com/security/cve/CVE-2025-53643

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.