CVE-2022-41717 (GCVE-0-2022-41717)
Vulnerability from cvelistv5 – Published: 2022-12-08 19:03 – Updated: 2025-02-13 16:33

- CWE 400: Uncontrolled Resource Consumption

| Vendor | Product | Version |
|---|---|---|
| Go standard library | net/http | Affected: 0 , < 1.18.9 (semver); Affected: 1.19.0-0 , < 1.19.4 (semver) |
| golang.org/x/net | golang.org/x/net/http2 | Affected: 0 , < 0.4.0 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:49:43.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230120-0008/"
},
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/issue/56350"
},
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/cl/455717"
},
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/cl/455635"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
},
{
"tags": [
"x_transferred"
],
"url": "https://pkg.go.dev/vuln/GO-2022-1144"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "net/http",
"product": "net/http",
"programRoutines": [
{
"name": "http2serverConn.canonicalHeader"
},
{
"name": "ListenAndServe"
},
{
"name": "ListenAndServeTLS"
},
{
"name": "Serve"
},
{
"name": "ServeTLS"
},
{
"name": "Server.ListenAndServe"
},
{
"name": "Server.ListenAndServeTLS"
},
{
"name": "Server.Serve"
},
{
"name": "Server.ServeTLS"
},
{
"name": "http2Server.ServeConn"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.18.9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.19.4",
"status": "affected",
"version": "1.19.0-0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/http2",
"product": "golang.org/x/net/http2",
"programRoutines": [
{
"name": "serverConn.canonicalHeader"
},
{
"name": "Server.ServeConn"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.4.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Josselin Costanzi"
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE 400: Uncontrolled Resource Consumption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:06:25.182Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/issue/56350"
},
{
"url": "https://go.dev/cl/455717"
},
{
"url": "https://go.dev/cl/455635"
},
{
"url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
},
{
"url": "https://pkg.go.dev/vuln/GO-2022-1144"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
},
{
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/"
}
],
"title": "Excessive memory growth in net/http and golang.org/x/net/http2"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2022-41717",
"datePublished": "2022-12-08T19:03:53.161Z",
"dateReserved": "2022-09-28T17:00:06.608Z",
"dateUpdated": "2025-02-13T16:33:08.284Z",
"requesterUserId": "7d08541a-cd0a-42e2-8f81-76e6ceb65fc3",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-41717",
"date": "2026-05-29",
"epss": "0.00331",
"percentile": "0.56237"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-41717\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2022-12-08T20:15:10.330\",\"lastModified\":\"2024-11-21T07:23:43.713\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.\"},{\"lang\":\"es\",\"value\":\"Un atacante puede provocar un crecimiento excesivo de la memoria en un servidor Go que acepta solicitudes HTTP/2. Las conexiones del servidor HTTP/2 contienen un cach\u00e9 de claves de encabezado HTTP enviadas por el cliente. Si bien el n\u00famero total de entradas en esta cach\u00e9 est\u00e1 limitado, un atacante que env\u00eda claves muy grandes puede hacer que el servidor asigne aproximadamente 64 MiB por conexi\u00f3n 
abierta.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.18.9\",\"matchCriteriaId\":\"E0CD51B1-029E-442F-BE6A-772F4754D240\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.19.0\",\"versionEndExcluding\":\"1.19.4\",\"matchCriteriaId\":\"B6AEBFD1-DEE2-40E0-B65C-8C7885014797\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.4.0\",\"matchCriteriaId\":\"BBFC0CE7-CD35-4FCF-A37A-DBC5D6DA16D2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/455635\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://go.dev/cl/455717\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\",\"Vendor 
Advisory\"]},{\"url\":\"https://go.dev/issue/56350\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing 
List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2022-1144\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/cl/455635\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://go.dev/cl/455717\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor 
Advisory\"]},{\"url\":\"https://go.dev/issue/56350\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@list
s.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2022-1144\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor 
Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20230120-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
OPENSUSE-SU-2024:12553-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.19-1.19.4-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:go1.19-1.19.4-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:go1.19-1.19.4-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:go1.19-1.19.4-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.x86_64 | — | | Vendor Fix |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go1.19-1.19.4-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go1.19-1.19.4-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12553",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12553-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41717 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41720 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41720/"
}
],
"title": "go1.19-1.19.4-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12553-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.19-1.19.4-1.1.aarch64",
"product": {
"name": "go1.19-1.19.4-1.1.aarch64",
"product_id": "go1.19-1.19.4-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.19-doc-1.19.4-1.1.aarch64",
"product": {
"name": "go1.19-doc-1.19.4-1.1.aarch64",
"product_id": "go1.19-doc-1.19.4-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.19-race-1.19.4-1.1.aarch64",
"product": {
"name": "go1.19-race-1.19.4-1.1.aarch64",
"product_id": "go1.19-race-1.19.4-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.19-1.19.4-1.1.ppc64le",
"product": {
"name": "go1.19-1.19.4-1.1.ppc64le",
"product_id": "go1.19-1.19.4-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.19-doc-1.19.4-1.1.ppc64le",
"product": {
"name": "go1.19-doc-1.19.4-1.1.ppc64le",
"product_id": "go1.19-doc-1.19.4-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.19-race-1.19.4-1.1.ppc64le",
"product": {
"name": "go1.19-race-1.19.4-1.1.ppc64le",
"product_id": "go1.19-race-1.19.4-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.19-1.19.4-1.1.s390x",
"product": {
"name": "go1.19-1.19.4-1.1.s390x",
"product_id": "go1.19-1.19.4-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.19-doc-1.19.4-1.1.s390x",
"product": {
"name": "go1.19-doc-1.19.4-1.1.s390x",
"product_id": "go1.19-doc-1.19.4-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.19-race-1.19.4-1.1.s390x",
"product": {
"name": "go1.19-race-1.19.4-1.1.s390x",
"product_id": "go1.19-race-1.19.4-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.19-1.19.4-1.1.x86_64",
"product": {
"name": "go1.19-1.19.4-1.1.x86_64",
"product_id": "go1.19-1.19.4-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.19-doc-1.19.4-1.1.x86_64",
"product": {
"name": "go1.19-doc-1.19.4-1.1.x86_64",
"product_id": "go1.19-doc-1.19.4-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.19-race-1.19.4-1.1.x86_64",
"product": {
"name": "go1.19-race-1.19.4-1.1.x86_64",
"product_id": "go1.19-race-1.19.4-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.19-1.19.4-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.19-1.19.4-1.1.aarch64"
},
"product_reference": "go1.19-1.19.4-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.19-1.19.4-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.19-1.19.4-1.1.ppc64le"
},
"product_reference": "go1.19-1.19.4-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.19-1.19.4-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.19-1.19.4-1.1.s390x"
},
"product_reference": "go1.19-1.19.4-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.19-1.19.4-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.19-1.19.4-1.1.x86_64"
},
"product_reference": "go1.19-1.19.4-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.19-doc-1.19.4-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.aarch64"
},
"product_reference": "go1.19-doc-1.19.4-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.19-doc-1.19.4-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.ppc64le"
},
"product_reference": "go1.19-doc-1.19.4-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.19-doc-1.19.4-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.s390x"
},
"product_reference": "go1.19-doc-1.19.4-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.19-doc-1.19.4-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.x86_64"
},
"product_reference": "go1.19-doc-1.19.4-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.19-race-1.19.4-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.aarch64"
},
"product_reference": "go1.19-race-1.19.4-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.19-race-1.19.4-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.ppc64le"
},
"product_reference": "go1.19-race-1.19.4-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.19-race-1.19.4-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.s390x"
},
"product_reference": "go1.19-race-1.19.4-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.19-race-1.19.4-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.x86_64"
},
"product_reference": "go1.19-race-1.19.4-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41717"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41717",
"url": "https://www.suse.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "SUSE Bug 1206135 for CVE-2022-41717",
"url": "https://bugzilla.suse.com/1206135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-41717"
},
{
"cve": "CVE-2022-41720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41720"
}
],
"notes": [
{
"category": "general",
"text": "On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS(\"C:/tmp\").Open(\"COM1\") opens the COM1 device. Both os.DirFS and http.Dir only provide read-only filesystem access. In addition, on Windows, an os.DirFS for the directory (the root of the current drive) can permit a maliciously crafted path to escape from the drive and access any path on the system. With fix applied, the behavior of os.DirFS(\"\") has changed. Previously, an empty root was treated equivalently to \"/\", so os.DirFS(\"\").Open(\"tmp\") would open the path \"/tmp\". This now returns an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41720",
"url": "https://www.suse.com/security/cve/CVE-2022-41720"
},
{
"category": "external",
"summary": "SUSE Bug 1206134 for CVE-2022-41720",
"url": "https://bugzilla.suse.com/1206134"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-1.19.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-doc-1.19.4-1.1.x86_64",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.aarch64",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.ppc64le",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.s390x",
"openSUSE Tumbleweed:go1.19-race-1.19.4-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-41720"
}
]
}
OPENSUSE-SU-2024:12615-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.9.6-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:traefik-2.9.6-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:traefik-2.9.6-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:traefik-2.9.6-1.1.x86_64 | — | | Vendor Fix |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "traefik-2.9.6-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the traefik-2.9.6-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12615",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12615-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23469 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41717 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-46153 page",
"url": "https://www.suse.com/security/cve/CVE-2022-46153/"
}
],
"title": "traefik-2.9.6-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12615-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "traefik-2.9.6-1.1.aarch64",
"product": {
"name": "traefik-2.9.6-1.1.aarch64",
"product_id": "traefik-2.9.6-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik-2.9.6-1.1.ppc64le",
"product": {
"name": "traefik-2.9.6-1.1.ppc64le",
"product_id": "traefik-2.9.6-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik-2.9.6-1.1.s390x",
"product": {
"name": "traefik-2.9.6-1.1.s390x",
"product_id": "traefik-2.9.6-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik-2.9.6-1.1.x86_64",
"product": {
"name": "traefik-2.9.6-1.1.x86_64",
"product_id": "traefik-2.9.6-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-2.9.6-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-2.9.6-1.1.aarch64"
},
"product_reference": "traefik-2.9.6-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-2.9.6-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-2.9.6-1.1.ppc64le"
},
"product_reference": "traefik-2.9.6-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-2.9.6-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-2.9.6-1.1.s390x"
},
"product_reference": "traefik-2.9.6-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-2.9.6-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-2.9.6-1.1.x86_64"
},
"product_reference": "traefik-2.9.6-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-23469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23469"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. Versions prior to 2.9.6 are subject to a potential vulnerability in Traefik displaying the Authorization header in its debug logs. In certain cases, if the log level is set to DEBUG, credentials provided using the Authorization header are displayed in the debug logs. Attackers must have access to a users logging system in order for credentials to be stolen. This issue has been addressed in version 2.9.6. Users are advised to upgrade. Users unable to upgrade may set the log level to `INFO`, `WARN`, or `ERROR`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-2.9.6-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23469",
"url": "https://www.suse.com/security/cve/CVE-2022-23469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-2.9.6-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-2.9.6-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-23469"
},
{
"cve": "CVE-2022-41717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41717"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-2.9.6-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41717",
"url": "https://www.suse.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "SUSE Bug 1206135 for CVE-2022-41717",
"url": "https://bugzilla.suse.com/1206135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-2.9.6-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-2.9.6-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-41717"
},
{
"cve": "CVE-2022-46153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-46153"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS connection set with a wrong CA file is exposed without verifying the client certificates. Users are advised to upgrade to version 2.9.6. Users unable to upgrade should check their logs to detect the error messages and fix your TLS options.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-2.9.6-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-46153",
"url": "https://www.suse.com/security/cve/CVE-2022-46153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-2.9.6-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-2.9.6-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.9.6-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-46153"
}
]
}
OPENSUSE-SU-2024:13225-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:velero-1.11.1-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-1.11.1-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-1.11.1-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-1.11.1-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.x86_64 | — | | Vendor Fix |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "velero-1.11.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the velero-1.11.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13225",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13225-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27191 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41717 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41717/"
}
],
"title": "velero-1.11.1-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13225-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "velero-1.11.1-1.1.aarch64",
"product": {
"name": "velero-1.11.1-1.1.aarch64",
"product_id": "velero-1.11.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "velero-bash-completion-1.11.1-1.1.aarch64",
"product": {
"name": "velero-bash-completion-1.11.1-1.1.aarch64",
"product_id": "velero-bash-completion-1.11.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "velero-fish-completion-1.11.1-1.1.aarch64",
"product": {
"name": "velero-fish-completion-1.11.1-1.1.aarch64",
"product_id": "velero-fish-completion-1.11.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "velero-zsh-completion-1.11.1-1.1.aarch64",
"product": {
"name": "velero-zsh-completion-1.11.1-1.1.aarch64",
"product_id": "velero-zsh-completion-1.11.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "velero-1.11.1-1.1.ppc64le",
"product": {
"name": "velero-1.11.1-1.1.ppc64le",
"product_id": "velero-1.11.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "velero-bash-completion-1.11.1-1.1.ppc64le",
"product": {
"name": "velero-bash-completion-1.11.1-1.1.ppc64le",
"product_id": "velero-bash-completion-1.11.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "velero-fish-completion-1.11.1-1.1.ppc64le",
"product": {
"name": "velero-fish-completion-1.11.1-1.1.ppc64le",
"product_id": "velero-fish-completion-1.11.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "velero-zsh-completion-1.11.1-1.1.ppc64le",
"product": {
"name": "velero-zsh-completion-1.11.1-1.1.ppc64le",
"product_id": "velero-zsh-completion-1.11.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "velero-1.11.1-1.1.s390x",
"product": {
"name": "velero-1.11.1-1.1.s390x",
"product_id": "velero-1.11.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "velero-bash-completion-1.11.1-1.1.s390x",
"product": {
"name": "velero-bash-completion-1.11.1-1.1.s390x",
"product_id": "velero-bash-completion-1.11.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "velero-fish-completion-1.11.1-1.1.s390x",
"product": {
"name": "velero-fish-completion-1.11.1-1.1.s390x",
"product_id": "velero-fish-completion-1.11.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "velero-zsh-completion-1.11.1-1.1.s390x",
"product": {
"name": "velero-zsh-completion-1.11.1-1.1.s390x",
"product_id": "velero-zsh-completion-1.11.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "velero-1.11.1-1.1.x86_64",
"product": {
"name": "velero-1.11.1-1.1.x86_64",
"product_id": "velero-1.11.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "velero-bash-completion-1.11.1-1.1.x86_64",
"product": {
"name": "velero-bash-completion-1.11.1-1.1.x86_64",
"product_id": "velero-bash-completion-1.11.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "velero-fish-completion-1.11.1-1.1.x86_64",
"product": {
"name": "velero-fish-completion-1.11.1-1.1.x86_64",
"product_id": "velero-fish-completion-1.11.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "velero-zsh-completion-1.11.1-1.1.x86_64",
"product": {
"name": "velero-zsh-completion-1.11.1-1.1.x86_64",
"product_id": "velero-zsh-completion-1.11.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-1.11.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-1.11.1-1.1.aarch64"
},
"product_reference": "velero-1.11.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-1.11.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-1.11.1-1.1.ppc64le"
},
"product_reference": "velero-1.11.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-1.11.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-1.11.1-1.1.s390x"
},
"product_reference": "velero-1.11.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-1.11.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-1.11.1-1.1.x86_64"
},
"product_reference": "velero-1.11.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-bash-completion-1.11.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.aarch64"
},
"product_reference": "velero-bash-completion-1.11.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-bash-completion-1.11.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.ppc64le"
},
"product_reference": "velero-bash-completion-1.11.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-bash-completion-1.11.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.s390x"
},
"product_reference": "velero-bash-completion-1.11.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-bash-completion-1.11.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.x86_64"
},
"product_reference": "velero-bash-completion-1.11.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-fish-completion-1.11.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.aarch64"
},
"product_reference": "velero-fish-completion-1.11.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-fish-completion-1.11.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.ppc64le"
},
"product_reference": "velero-fish-completion-1.11.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-fish-completion-1.11.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.s390x"
},
"product_reference": "velero-fish-completion-1.11.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-fish-completion-1.11.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.x86_64"
},
"product_reference": "velero-fish-completion-1.11.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-zsh-completion-1.11.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.aarch64"
},
"product_reference": "velero-zsh-completion-1.11.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-zsh-completion-1.11.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.ppc64le"
},
"product_reference": "velero-zsh-completion-1.11.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-zsh-completion-1.11.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.s390x"
},
"product_reference": "velero-zsh-completion-1.11.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velero-zsh-completion-1.11.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.x86_64"
},
"product_reference": "velero-zsh-completion-1.11.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-27191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27191"
}
],
"notes": [
{
"category": "general",
"text": "The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:velero-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27191",
"url": "https://www.suse.com/security/cve/CVE-2022-27191"
},
{
"category": "external",
"summary": "SUSE Bug 1197284 for CVE-2022-27191",
"url": "https://bugzilla.suse.com/1197284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:velero-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:velero-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-27191"
},
{
"cve": "CVE-2022-41717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41717"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:velero-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41717",
"url": "https://www.suse.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "SUSE Bug 1206135 for CVE-2022-41717",
"url": "https://bugzilla.suse.com/1206135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:velero-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:velero-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-bash-completion-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-fish-completion-1.11.1-1.1.x86_64",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.aarch64",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.ppc64le",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.s390x",
"openSUSE Tumbleweed:velero-zsh-completion-1.11.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-41717"
}
]
}
OPENSUSE-SU-2024:13299-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kustomize-5.1.1-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-5.1.1-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-5.1.1-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-5.1.1-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.x86_64 | — | | Vendor Fix |

{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kustomize-5.1.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kustomize-5.1.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13299",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13299-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41717 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41717/"
}
],
"title": "kustomize-5.1.1-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13299-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kustomize-5.1.1-1.1.aarch64",
"product": {
"name": "kustomize-5.1.1-1.1.aarch64",
"product_id": "kustomize-5.1.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kustomize-bash-completion-5.1.1-1.1.aarch64",
"product": {
"name": "kustomize-bash-completion-5.1.1-1.1.aarch64",
"product_id": "kustomize-bash-completion-5.1.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kustomize-fish-completion-5.1.1-1.1.aarch64",
"product": {
"name": "kustomize-fish-completion-5.1.1-1.1.aarch64",
"product_id": "kustomize-fish-completion-5.1.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kustomize-zsh-completion-5.1.1-1.1.aarch64",
"product": {
"name": "kustomize-zsh-completion-5.1.1-1.1.aarch64",
"product_id": "kustomize-zsh-completion-5.1.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kustomize-5.1.1-1.1.ppc64le",
"product": {
"name": "kustomize-5.1.1-1.1.ppc64le",
"product_id": "kustomize-5.1.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kustomize-bash-completion-5.1.1-1.1.ppc64le",
"product": {
"name": "kustomize-bash-completion-5.1.1-1.1.ppc64le",
"product_id": "kustomize-bash-completion-5.1.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kustomize-fish-completion-5.1.1-1.1.ppc64le",
"product": {
"name": "kustomize-fish-completion-5.1.1-1.1.ppc64le",
"product_id": "kustomize-fish-completion-5.1.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kustomize-zsh-completion-5.1.1-1.1.ppc64le",
"product": {
"name": "kustomize-zsh-completion-5.1.1-1.1.ppc64le",
"product_id": "kustomize-zsh-completion-5.1.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kustomize-5.1.1-1.1.s390x",
"product": {
"name": "kustomize-5.1.1-1.1.s390x",
"product_id": "kustomize-5.1.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kustomize-bash-completion-5.1.1-1.1.s390x",
"product": {
"name": "kustomize-bash-completion-5.1.1-1.1.s390x",
"product_id": "kustomize-bash-completion-5.1.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kustomize-fish-completion-5.1.1-1.1.s390x",
"product": {
"name": "kustomize-fish-completion-5.1.1-1.1.s390x",
"product_id": "kustomize-fish-completion-5.1.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kustomize-zsh-completion-5.1.1-1.1.s390x",
"product": {
"name": "kustomize-zsh-completion-5.1.1-1.1.s390x",
"product_id": "kustomize-zsh-completion-5.1.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kustomize-5.1.1-1.1.x86_64",
"product": {
"name": "kustomize-5.1.1-1.1.x86_64",
"product_id": "kustomize-5.1.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kustomize-bash-completion-5.1.1-1.1.x86_64",
"product": {
"name": "kustomize-bash-completion-5.1.1-1.1.x86_64",
"product_id": "kustomize-bash-completion-5.1.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kustomize-fish-completion-5.1.1-1.1.x86_64",
"product": {
"name": "kustomize-fish-completion-5.1.1-1.1.x86_64",
"product_id": "kustomize-fish-completion-5.1.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kustomize-zsh-completion-5.1.1-1.1.x86_64",
"product": {
"name": "kustomize-zsh-completion-5.1.1-1.1.x86_64",
"product_id": "kustomize-zsh-completion-5.1.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-5.1.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-5.1.1-1.1.aarch64"
},
"product_reference": "kustomize-5.1.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-5.1.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-5.1.1-1.1.ppc64le"
},
"product_reference": "kustomize-5.1.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-5.1.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-5.1.1-1.1.s390x"
},
"product_reference": "kustomize-5.1.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-5.1.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-5.1.1-1.1.x86_64"
},
"product_reference": "kustomize-5.1.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-bash-completion-5.1.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.aarch64"
},
"product_reference": "kustomize-bash-completion-5.1.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-bash-completion-5.1.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.ppc64le"
},
"product_reference": "kustomize-bash-completion-5.1.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-bash-completion-5.1.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.s390x"
},
"product_reference": "kustomize-bash-completion-5.1.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-bash-completion-5.1.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.x86_64"
},
"product_reference": "kustomize-bash-completion-5.1.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-fish-completion-5.1.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.aarch64"
},
"product_reference": "kustomize-fish-completion-5.1.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-fish-completion-5.1.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.ppc64le"
},
"product_reference": "kustomize-fish-completion-5.1.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-fish-completion-5.1.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.s390x"
},
"product_reference": "kustomize-fish-completion-5.1.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-fish-completion-5.1.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.x86_64"
},
"product_reference": "kustomize-fish-completion-5.1.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-zsh-completion-5.1.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.aarch64"
},
"product_reference": "kustomize-zsh-completion-5.1.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-zsh-completion-5.1.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.ppc64le"
},
"product_reference": "kustomize-zsh-completion-5.1.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-zsh-completion-5.1.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.s390x"
},
"product_reference": "kustomize-zsh-completion-5.1.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kustomize-zsh-completion-5.1.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.x86_64"
},
"product_reference": "kustomize-zsh-completion-5.1.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41717"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kustomize-5.1.1-1.1.aarch64",
"openSUSE Tumbleweed:kustomize-5.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:kustomize-5.1.1-1.1.s390x",
"openSUSE Tumbleweed:kustomize-5.1.1-1.1.x86_64",
"openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.aarch64",
"openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.s390x",
"openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.x86_64",
"openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.aarch64",
"openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.s390x",
"openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.x86_64",
"openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.aarch64",
"openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.s390x",
"openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41717",
"url": "https://www.suse.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "SUSE Bug 1206135 for CVE-2022-41717",
"url": "https://bugzilla.suse.com/1206135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kustomize-5.1.1-1.1.aarch64",
"openSUSE Tumbleweed:kustomize-5.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:kustomize-5.1.1-1.1.s390x",
"openSUSE Tumbleweed:kustomize-5.1.1-1.1.x86_64",
"openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.aarch64",
"openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.s390x",
"openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.x86_64",
"openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.aarch64",
"openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.s390x",
"openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.x86_64",
"openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.aarch64",
"openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.s390x",
"openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kustomize-5.1.1-1.1.aarch64",
"openSUSE Tumbleweed:kustomize-5.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:kustomize-5.1.1-1.1.s390x",
"openSUSE Tumbleweed:kustomize-5.1.1-1.1.x86_64",
"openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.aarch64",
"openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.s390x",
"openSUSE Tumbleweed:kustomize-bash-completion-5.1.1-1.1.x86_64",
"openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.aarch64",
"openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.s390x",
"openSUSE Tumbleweed:kustomize-fish-completion-5.1.1-1.1.x86_64",
"openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.aarch64",
"openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.ppc64le",
"openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.s390x",
"openSUSE Tumbleweed:kustomize-zsh-completion-5.1.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-41717"
}
]
}
OPENSUSE-SU-2024:14076-1
Vulnerability from csaf_opensuse - Published: 2024-06-24 00:00 - Updated: 2024-06-24 00:00

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — | | Vendor Fix |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "traefik2-2.11.5-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the traefik2-2.11.5-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14076",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14076-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23469 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41717 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41724 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-46153 page",
"url": "https://www.suse.com/security/cve/CVE-2022-46153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-24534 page",
"url": "https://www.suse.com/security/cve/CVE-2023-24534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29013 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39325 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45283 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45284 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47106 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47124 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47633 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24788 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28869/"
}
],
"title": "traefik2-2.11.5-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-24T00:00:00Z",
"generator": {
"date": "2024-06-24T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14076-1",
"initial_release_date": "2024-06-24T00:00:00Z",
"revision_history": [
{
"date": "2024-06-24T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.5-1.1.aarch64",
"product": {
"name": "traefik2-2.11.5-1.1.aarch64",
"product_id": "traefik2-2.11.5-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.5-1.1.ppc64le",
"product": {
"name": "traefik2-2.11.5-1.1.ppc64le",
"product_id": "traefik2-2.11.5-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.5-1.1.s390x",
"product": {
"name": "traefik2-2.11.5-1.1.s390x",
"product_id": "traefik2-2.11.5-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.5-1.1.x86_64",
"product": {
"name": "traefik2-2.11.5-1.1.x86_64",
"product_id": "traefik2-2.11.5-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64"
},
"product_reference": "traefik2-2.11.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le"
},
"product_reference": "traefik2-2.11.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x"
},
"product_reference": "traefik2-2.11.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
},
"product_reference": "traefik2-2.11.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-23469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23469"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. Versions prior to 2.9.6 are subject to a potential vulnerability in Traefik displaying the Authorization header in its debug logs. In certain cases, if the log level is set to DEBUG, credentials provided using the Authorization header are displayed in the debug logs. Attackers must have access to a users logging system in order for credentials to be stolen. This issue has been addressed in version 2.9.6. Users are advised to upgrade. Users unable to upgrade may set the log level to `INFO`, `WARN`, or `ERROR`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23469",
"url": "https://www.suse.com/security/cve/CVE-2022-23469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-23469"
},
{
"cve": "CVE-2022-41717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41717"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41717",
"url": "https://www.suse.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "SUSE Bug 1206135 for CVE-2022-41717",
"url": "https://bugzilla.suse.com/1206135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-41717"
},
{
"cve": "CVE-2022-41724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41724"
}
],
"notes": [
{
"category": "general",
"text": "Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client certificates (by setting Config.ClientAuth \u003e= RequestClientCert).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41724",
"url": "https://www.suse.com/security/cve/CVE-2022-41724"
},
{
"category": "external",
"summary": "SUSE Bug 1208271 for CVE-2022-41724",
"url": "https://bugzilla.suse.com/1208271"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-41724"
},
{
"cve": "CVE-2022-46153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-46153"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS connection set with a wrong CA file is exposed without verifying the client certificates. Users are advised to upgrade to version 2.9.6. Users unable to upgrade should check their logs to detect the error messages and fix your TLS options.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-46153",
"url": "https://www.suse.com/security/cve/CVE-2022-46153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-46153"
},
{
"cve": "CVE-2023-24534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-24534"
}
],
"notes": [
{
"category": "general",
"text": "HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate substantially more memory than required to hold the parsed headers. An attacker can exploit this behavior to cause an HTTP server to allocate large amounts of memory from a small request, potentially leading to memory exhaustion and a denial of service. With fix, header parsing now correctly allocates only the memory required to hold parsed headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-24534",
"url": "https://www.suse.com/security/cve/CVE-2023-24534"
},
{
"category": "external",
"summary": "SUSE Bug 1210127 for CVE-2023-24534",
"url": "https://bugzilla.suse.com/1210127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-24534"
},
{
"cve": "CVE-2023-29013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29013"
}
],
"notes": [
{
"category": "general",
"text": "Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnerability in Go when parsing the HTTP headers, which impacts Traefik. HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This behavior could be exploited to cause a denial of service. This issue has been patched in versions 2.9.10 and 2.10.0-rc2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29013",
"url": "https://www.suse.com/security/cve/CVE-2023-29013"
},
{
"category": "external",
"summary": "SUSE Bug 1210505 for CVE-2023-29013",
"url": "https://bugzilla.suse.com/1210505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-29013"
},
{
"cve": "CVE-2023-39325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39325"
}
],
"notes": [
{
"category": "general",
"text": "A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39325",
"url": "https://www.suse.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "SUSE Bug 1216109 for CVE-2023-39325",
"url": "https://bugzilla.suse.com/1216109"
},
{
"category": "external",
"summary": "SUSE Bug 1230323 for CVE-2023-39325",
"url": "https://bugzilla.suse.com/1230323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-39325"
},
{
"cve": "CVE-2023-45283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45283"
}
],
"notes": [
{
"category": "general",
"text": "The filepath package does not recognize paths with a \\??\\ prefix as special. On Windows, a path beginning with \\??\\ is a Root Local Device path equivalent to a path beginning with \\\\?\\. Paths with a \\??\\ prefix may be used to access arbitrary locations on the system. For example, the path \\??\\c:\\x is equivalent to the more common path c:\\x. Before fix, Clean could convert a rooted path such as \\a\\..\\??\\b into the root local device path \\??\\b. Clean will now convert this to .\\??\\b. Similarly, Join(\\, ??, b) could convert a seemingly innocent sequence of path elements into the root local device path \\??\\b. Join will now convert this to \\.\\??\\b. In addition, with fix, IsAbs now correctly reports paths beginning with \\??\\ as absolute, and VolumeName correctly reports the \\??\\ prefix as a volume name. UPDATE: Go 1.20.11 and Go 1.21.4 inadvertently changed the definition of the volume name in Windows paths starting with \\?, resulting in filepath.Clean(\\?\\c:) returning \\?\\c: rather than \\?\\c:\\ (among other effects). The previous behavior has been restored.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45283",
"url": "https://www.suse.com/security/cve/CVE-2023-45283"
},
{
"category": "external",
"summary": "SUSE Bug 1216943 for CVE-2023-45283",
"url": "https://bugzilla.suse.com/1216943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-45283"
},
{
"cve": "CVE-2023-45284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45284"
}
],
"notes": [
{
"category": "general",
"text": "On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as \"COM1 \", and reserved names \"COM\" and \"LPT\" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports these names as non-local.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45284",
"url": "https://www.suse.com/security/cve/CVE-2023-45284"
},
{
"category": "external",
"summary": "SUSE Bug 1216944 for CVE-2023-45284",
"url": "https://bugzilla.suse.com/1216944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-45284"
},
{
"cve": "CVE-2023-45288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45288"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45288",
"url": "https://www.suse.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "SUSE Bug 1221400 for CVE-2023-45288",
"url": "https://bugzilla.suse.com/1221400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2023-47106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47106"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path and the query. When this is combined with another frontend proxy like Nginx, it can be used to bypass frontend proxy URI-based access control restrictions. This vulnerability has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47106",
"url": "https://www.suse.com/security/cve/CVE-2023-47106"
},
{
"category": "external",
"summary": "SUSE Bug 1217804 for CVE-2023-47106",
"url": "https://bugzilla.suse.com/1217804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-47106"
},
{
"cve": "CVE-2023-47124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47124"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. When Traefik is configured to use the `HTTPChallenge` to generate and renew the Let\u0027s Encrypt TLS certificates, the delay authorized to solve the challenge (50 seconds) can be exploited by attackers to achieve a `slowloris attack`. This vulnerability has been patch in version 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. Users unable to upgrade should replace the `HTTPChallenge` with the `TLSChallenge` or the `DNSChallenge`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47124",
"url": "https://www.suse.com/security/cve/CVE-2023-47124"
},
{
"category": "external",
"summary": "SUSE Bug 1217806 for CVE-2023-47124",
"url": "https://bugzilla.suse.com/1217806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-47124"
},
{
"cve": "CVE-2023-47633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47633"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47633",
"url": "https://www.suse.com/security/cve/CVE-2023-47633"
},
{
"category": "external",
"summary": "SUSE Bug 1217807 for CVE-2023-47633",
"url": "https://bugzilla.suse.com/1217807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-47633"
},
{
"cve": "CVE-2024-24788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24788"
}
],
"notes": [
{
"category": "general",
"text": "A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24788",
"url": "https://www.suse.com/security/cve/CVE-2024-24788"
},
{
"category": "external",
"summary": "SUSE Bug 1224018 for CVE-2024-24788",
"url": "https://bugzilla.suse.com/1224018"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-24788"
},
{
"cve": "CVE-2024-28869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28869"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an HTTP reverse proxy and load balancer. In affected versions sending a GET request to any Traefik endpoint with the \"Content-length\" request header results in an indefinite hang with the default configuration. This vulnerability can be exploited by attackers to induce a denial of service. This vulnerability has been addressed in version 2.11.2 and 3.0.0-rc5. Users are advised to upgrade. For affected versions, this vulnerability can be mitigated by configuring the readTimeout option.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28869",
"url": "https://www.suse.com/security/cve/CVE-2024-28869"
},
{
"category": "external",
"summary": "SUSE Bug 1222825 for CVE-2024-28869",
"url": "https://bugzilla.suse.com/1222825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-28869"
}
]
}
RHSA-2023:0328
Vulnerability from csaf_redhat - Published: 2023-01-23 15:26 - Updated: 2026-05-28 20:28
A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64 | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64 | — |
A flaw was found in the golang package, where requests forwarded by the reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the reverse proxy's Director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64 | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64 | — |
A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64 | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64 | — |
An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64 | — | | Vendor Fix fix; Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le | — | | Vendor Fix fix; Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x | — | | Vendor Fix fix; Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src | — | | Vendor Fix fix; Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix; Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64 | — | | Vendor Fix fix; Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le | — | | Vendor Fix fix; Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x | — | | Vendor Fix fix; Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix; Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix; Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix; Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix; Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix; Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix; Workaround |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64 | — | | Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le | — | | Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x | — | | Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src | — | | Workaround |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64 | — | | Workaround |
A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64 | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64 | — |
A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64 | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Unresolved product id: AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch | — | | Vendor Fix fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64 | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src | — | ||
| Unresolved product id: AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64 | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for go-toolset and golang is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.\n\nThe golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)\n\n* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)\n\n* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Internal linking fails on ppc64le (BZ#2144547)\n\n* crypto testcases fail on golang on s390x [rhel-9] (BZ#2149311)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0328",
"url": "https://access.redhat.com/errata/RHSA-2023:0328"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "2149311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2149311"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0328.json"
}
],
"title": "Red Hat Security Advisory: go-toolset and golang security and bug fix update",
"tracking": {
"current_release_date": "2026-05-28T20:28:15+00:00",
"generator": {
"date": "2026-05-28T20:28:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2023:0328",
"initial_release_date": "2023-01-23T15:26:30+00:00",
"revision_history": [
{
"date": "2023-01-23T15:26:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-23T15:26:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T20:28:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.18.9-1.el9_1.src",
"product": {
"name": "go-toolset-0:1.18.9-1.el9_1.src",
"product_id": "go-toolset-0:1.18.9-1.el9_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.18.9-1.el9_1?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.18.9-1.el9_1.src",
"product": {
"name": "golang-0:1.18.9-1.el9_1.src",
"product_id": "golang-0:1.18.9-1.el9_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.18.9-1.el9_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.18.9-1.el9_1.aarch64",
"product": {
"name": "go-toolset-0:1.18.9-1.el9_1.aarch64",
"product_id": "go-toolset-0:1.18.9-1.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.18.9-1.el9_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.18.9-1.el9_1.aarch64",
"product": {
"name": "golang-0:1.18.9-1.el9_1.aarch64",
"product_id": "golang-0:1.18.9-1.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.18.9-1.el9_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.18.9-1.el9_1.aarch64",
"product": {
"name": "golang-bin-0:1.18.9-1.el9_1.aarch64",
"product_id": "golang-bin-0:1.18.9-1.el9_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.18.9-1.el9_1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.18.9-1.el9_1.ppc64le",
"product": {
"name": "go-toolset-0:1.18.9-1.el9_1.ppc64le",
"product_id": "go-toolset-0:1.18.9-1.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.18.9-1.el9_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.18.9-1.el9_1.ppc64le",
"product": {
"name": "golang-0:1.18.9-1.el9_1.ppc64le",
"product_id": "golang-0:1.18.9-1.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.18.9-1.el9_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.18.9-1.el9_1.ppc64le",
"product": {
"name": "golang-bin-0:1.18.9-1.el9_1.ppc64le",
"product_id": "golang-bin-0:1.18.9-1.el9_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.18.9-1.el9_1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.18.9-1.el9_1.x86_64",
"product": {
"name": "go-toolset-0:1.18.9-1.el9_1.x86_64",
"product_id": "go-toolset-0:1.18.9-1.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.18.9-1.el9_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.18.9-1.el9_1.x86_64",
"product": {
"name": "golang-0:1.18.9-1.el9_1.x86_64",
"product_id": "golang-0:1.18.9-1.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.18.9-1.el9_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.18.9-1.el9_1.x86_64",
"product": {
"name": "golang-bin-0:1.18.9-1.el9_1.x86_64",
"product_id": "golang-bin-0:1.18.9-1.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.18.9-1.el9_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.18.9-1.el9_1.x86_64",
"product": {
"name": "golang-race-0:1.18.9-1.el9_1.x86_64",
"product_id": "golang-race-0:1.18.9-1.el9_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.18.9-1.el9_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.18.9-1.el9_1.s390x",
"product": {
"name": "go-toolset-0:1.18.9-1.el9_1.s390x",
"product_id": "go-toolset-0:1.18.9-1.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.18.9-1.el9_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.18.9-1.el9_1.s390x",
"product": {
"name": "golang-0:1.18.9-1.el9_1.s390x",
"product_id": "golang-0:1.18.9-1.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.18.9-1.el9_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.18.9-1.el9_1.s390x",
"product": {
"name": "golang-bin-0:1.18.9-1.el9_1.s390x",
"product_id": "golang-bin-0:1.18.9-1.el9_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.18.9-1.el9_1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.18.9-1.el9_1.noarch",
"product": {
"name": "golang-docs-0:1.18.9-1.el9_1.noarch",
"product_id": "golang-docs-0:1.18.9-1.el9_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.18.9-1.el9_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.18.9-1.el9_1.noarch",
"product": {
"name": "golang-misc-0:1.18.9-1.el9_1.noarch",
"product_id": "golang-misc-0:1.18.9-1.el9_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.18.9-1.el9_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.18.9-1.el9_1.noarch",
"product": {
"name": "golang-src-0:1.18.9-1.el9_1.noarch",
"product_id": "golang-src-0:1.18.9-1.el9_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.18.9-1.el9_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.18.9-1.el9_1.noarch",
"product": {
"name": "golang-tests-0:1.18.9-1.el9_1.noarch",
"product_id": "golang-tests-0:1.18.9-1.el9_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.18.9-1.el9_1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.18.9-1.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64"
},
"product_reference": "go-toolset-0:1.18.9-1.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.18.9-1.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le"
},
"product_reference": "go-toolset-0:1.18.9-1.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.18.9-1.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x"
},
"product_reference": "go-toolset-0:1.18.9-1.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.18.9-1.el9_1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src"
},
"product_reference": "go-toolset-0:1.18.9-1.el9_1.src",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.18.9-1.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64"
},
"product_reference": "go-toolset-0:1.18.9-1.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.18.9-1.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64"
},
"product_reference": "golang-0:1.18.9-1.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.18.9-1.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le"
},
"product_reference": "golang-0:1.18.9-1.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.18.9-1.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x"
},
"product_reference": "golang-0:1.18.9-1.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.18.9-1.el9_1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src"
},
"product_reference": "golang-0:1.18.9-1.el9_1.src",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.18.9-1.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64"
},
"product_reference": "golang-0:1.18.9-1.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.18.9-1.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64"
},
"product_reference": "golang-bin-0:1.18.9-1.el9_1.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.18.9-1.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le"
},
"product_reference": "golang-bin-0:1.18.9-1.el9_1.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.18.9-1.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x"
},
"product_reference": "golang-bin-0:1.18.9-1.el9_1.s390x",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.18.9-1.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64"
},
"product_reference": "golang-bin-0:1.18.9-1.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.18.9-1.el9_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch"
},
"product_reference": "golang-docs-0:1.18.9-1.el9_1.noarch",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.18.9-1.el9_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch"
},
"product_reference": "golang-misc-0:1.18.9-1.el9_1.noarch",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.18.9-1.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64"
},
"product_reference": "golang-race-0:1.18.9-1.el9_1.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.18.9-1.el9_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch"
},
"product_reference": "golang-src-0:1.18.9-1.el9_1.noarch",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.18.9-1.el9_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
},
"product_reference": "golang-tests-0:1.18.9-1.el9_1.noarch",
"relates_to_product_reference": "AppStream-9.1.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-2879",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.\n\n\nThis flaw additionally affects the github.com/vbatts/tar-split library and was fixed in v0.12.1.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
],
"known_not_affected": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2879"
},
{
"category": "external",
"summary": "RHBZ#2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54853",
"url": "https://github.com/golang/go/issues/54853"
},
{
"category": "external",
"summary": "https://github.com/vbatts/tar-split/releases/tag/v0.12.1",
"url": "https://github.com/vbatts/tar-split/releases/tag/v0.12.1"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-23T15:26:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0328"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers"
},
{
"acknowledgments": [
{
"names": [
"Daniel Abeles"
],
"organization": "Head of Research, Oxeye"
},
{
"names": [
"Gal Goldstein"
],
"organization": "Security Researcher, Oxeye"
}
],
"cve": "CVE-2022-2880",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132868"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy\u0027s director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
],
"known_not_affected": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2880"
},
{
"category": "external",
"summary": "RHBZ#2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54663",
"url": "https://github.com/golang/go/issues/54663"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-23T15:26:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0328"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters"
},
{
"cve": "CVE-2022-27664",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124669"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: handle server errors after sending GOAWAY",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
],
"known_not_affected": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "RHBZ#2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664"
},
{
"category": "external",
"summary": "https://go.dev/issue/54658",
"url": "https://go.dev/issue/54658"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-23T15:26:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0328"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: handle server errors after sending GOAWAY"
},
{
"cve": "CVE-2022-32189",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-08-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2113814"
}
],
"notes": [
{
"category": "description",
"text": "An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw stems from a particular and specific method (GobDecode) which isn\u0027t commonly used. There are few components within Red Hat offerings which call this function. In rare cases where this method is called, the component limits possible damage or it is not possible to be triggered by an attacker. For these combined reasons the impact has been downgraded to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
],
"known_not_affected": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32189"
},
{
"category": "external",
"summary": "RHBZ#2113814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189"
},
{
"category": "external",
"summary": "https://go.dev/issue/53871",
"url": "https://go.dev/issue/53871"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU",
"url": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU"
}
],
"release_date": "2022-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-23T15:26:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0328"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-41715",
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: regexp/syntax: limit memory used by parsing regexps",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
],
"known_not_affected": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "RHBZ#2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/55949",
"url": "https://github.com/golang/go/issues/55949"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-23T15:26:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0328"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: regexp/syntax: limit memory used by parsing regexps"
},
{
"cve": "CVE-2022-41717",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-01-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2161274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
],
"known_not_affected": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "RHBZ#2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717"
},
{
"category": "external",
"summary": "https://go.dev/cl/455635",
"url": "https://go.dev/cl/455635"
},
{
"category": "external",
"summary": "https://go.dev/cl/455717",
"url": "https://go.dev/cl/455717"
},
{
"category": "external",
"summary": "https://go.dev/issue/56350",
"url": "https://go.dev/issue/56350"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2022-1144",
"url": "https://pkg.go.dev/vuln/GO-2022-1144"
}
],
"release_date": "2022-11-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-23T15:26:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0328"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:go-toolset-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.src",
"AppStream-9.1.0.Z.MAIN:golang-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.aarch64",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.ppc64le",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.s390x",
"AppStream-9.1.0.Z.MAIN:golang-bin-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-docs-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-misc-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-race-0:1.18.9-1.el9_1.x86_64",
"AppStream-9.1.0.Z.MAIN:golang-src-0:1.18.9-1.el9_1.noarch",
"AppStream-9.1.0.Z.MAIN:golang-tests-0:1.18.9-1.el9_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests"
}
]
}
RHSA-2023:0446
Vulnerability from csaf_redhat - Published: 2023-01-25 09:20 - Updated: 2026-05-28 20:28
A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | Vendor Fix fix | |
A flaw was found in the golang package, where requests forwarded by a reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the reverse proxy's Director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | Vendor Fix fix | |
A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | Vendor Fix fix | |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | Vendor Fix fix | |
An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | | Vendor Fix (fix), Workaround |
A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | | Vendor Fix (fix) |
A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | | Vendor Fix (fix) |
| Unresolved product id: AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8 | — | | Vendor Fix (fix) |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)\n\n* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)\n\n* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Internal linking fails on ppc64le (BZ#2144545)\n\n* crypto testcases fail on golang on s390x [rhel-8] (BZ#2149313)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0446",
"url": "https://access.redhat.com/errata/RHSA-2023:0446"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "2139718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139718"
},
{
"category": "external",
"summary": "2149313",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2149313"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0446.json"
}
],
"title": "Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update",
"tracking": {
"current_release_date": "2026-05-28T20:28:17+00:00",
"generator": {
"date": "2026-05-28T20:28:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2023:0446",
"initial_release_date": "2023-01-25T09:20:12+00:00",
"revision_history": [
{
"date": "2023-01-25T09:20:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-25T09:20:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T20:28:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.18.9-1.module%2Bel8.7.0%2B17845%2B708ebe87?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64 (go-toolset:rhel8)",
"product_id": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.18.9-1.module%2Bel8.7.0%2B17640%2B84246675?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.18.9-1.module%2Bel8.7.0%2B17640%2B84246675?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.18.9-1.module%2Bel8.7.0%2B17845%2B708ebe87?arch=src\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"product": {
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src (go-toolset:rhel8)",
"product_id": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.18.9-1.module%2Bel8.7.0%2B17640%2B84246675?arch=src\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"product": {
"name": "delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src (go-toolset:rhel8)",
"product_id": "delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.8.3-1.module%2Bel8.7.0%2B15126%2B0e0a42d9?arch=src\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"product": {
"name": "golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch (go-toolset:rhel8)",
"product_id": "golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.18.9-1.module%2Bel8.7.0%2B17640%2B84246675?arch=noarch\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"product": {
"name": "golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch (go-toolset:rhel8)",
"product_id": "golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.18.9-1.module%2Bel8.7.0%2B17640%2B84246675?arch=noarch\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"product": {
"name": "golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch (go-toolset:rhel8)",
"product_id": "golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.18.9-1.module%2Bel8.7.0%2B17640%2B84246675?arch=noarch\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"product": {
"name": "golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch (go-toolset:rhel8)",
"product_id": "golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.18.9-1.module%2Bel8.7.0%2B17640%2B84246675?arch=noarch\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.18.9-1.module%2Bel8.7.0%2B17845%2B708ebe87?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le (go-toolset:rhel8)",
"product_id": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.18.9-1.module%2Bel8.7.0%2B17640%2B84246675?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.18.9-1.module%2Bel8.7.0%2B17640%2B84246675?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.18.9-1.module%2Bel8.7.0%2B17845%2B708ebe87?arch=s390x\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"product": {
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x (go-toolset:rhel8)",
"product_id": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.18.9-1.module%2Bel8.7.0%2B17640%2B84246675?arch=s390x\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.18.9-1.module%2Bel8.7.0%2B17640%2B84246675?arch=s390x\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64 (go-toolset:rhel8)",
"product_id": "delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.8.3-1.module%2Bel8.7.0%2B15126%2B0e0a42d9?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.8.3-1.module%2Bel8.7.0%2B15126%2B0e0a42d9?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.8.3-1.module%2Bel8.7.0%2B15126%2B0e0a42d9?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.18.9-1.module%2Bel8.7.0%2B17845%2B708ebe87?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64 (go-toolset:rhel8)",
"product_id": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.18.9-1.module%2Bel8.7.0%2B17640%2B84246675?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.18.9-1.module%2Bel8.7.0%2B17640%2B84246675?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64 (go-toolset:rhel8)",
"product_id": "golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.18.9-1.module%2Bel8.7.0%2B17640%2B84246675?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8070020230116141618:ded9a3e2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8"
},
"product_reference": "delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8"
},
"product_reference": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8"
},
"product_reference": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
},
"product_reference": "golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
},
"product_reference": "golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
},
"product_reference": "golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
},
"product_reference": "golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-2879",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.\n\n\nThis flaw additionally affects the github.com/vbatts/tar-split library and was fixed in v0.12.1.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2879"
},
{
"category": "external",
"summary": "RHBZ#2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54853",
"url": "https://github.com/golang/go/issues/54853"
},
{
"category": "external",
"summary": "https://github.com/vbatts/tar-split/releases/tag/v0.12.1",
"url": "https://github.com/vbatts/tar-split/releases/tag/v0.12.1"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-25T09:20:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0446"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers"
},
{
"acknowledgments": [
{
"names": [
"Daniel Abeles"
],
"organization": "Head of Research, Oxeye"
},
{
"names": [
"Gal Goldstein"
],
"organization": "Security Researcher, Oxeye"
}
],
"cve": "CVE-2022-2880",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132868"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2880"
},
{
"category": "external",
"summary": "RHBZ#2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54663",
"url": "https://github.com/golang/go/issues/54663"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-25T09:20:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0446"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters"
},
{
"cve": "CVE-2022-27664",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124669"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: handle server errors after sending GOAWAY",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "RHBZ#2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664"
},
{
"category": "external",
"summary": "https://go.dev/issue/54658",
"url": "https://go.dev/issue/54658"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-25T09:20:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0446"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: handle server errors after sending GOAWAY"
},
{
"cve": "CVE-2022-32189",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-08-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2113814"
}
],
"notes": [
{
"category": "description",
"text": "An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw stems from a particular and specific method (GobDecode) which isn\u0027t commonly used. There are few components within Red Hat offerings which call this function. In rare cases where this method is called, the component limits possible damage or it is not possible to be triggered by an attacker. For these combined reasons the impact has been downgraded to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32189"
},
{
"category": "external",
"summary": "RHBZ#2113814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189"
},
{
"category": "external",
"summary": "https://go.dev/issue/53871",
"url": "https://go.dev/issue/53871"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU",
"url": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU"
}
],
"release_date": "2022-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-25T09:20:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0446"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-41715",
"discovery_date": "2022-10-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: regexp/syntax: limit memory used by parsing regexps",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "RHBZ#2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/55949",
"url": "https://github.com/golang/go/issues/55949"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-25T09:20:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0446"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: regexp/syntax: limit memory used by parsing regexps"
},
{
"cve": "CVE-2022-41717",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2161274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "RHBZ#2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717"
},
{
"category": "external",
"summary": "https://go.dev/cl/455635",
"url": "https://go.dev/cl/455635"
},
{
"category": "external",
"summary": "https://go.dev/cl/455717",
"url": "https://go.dev/cl/455717"
},
{
"category": "external",
"summary": "https://go.dev/issue/56350",
"url": "https://go.dev/issue/56350"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2022-1144",
"url": "https://pkg.go.dev/vuln/GO-2022-1144"
}
],
"release_date": "2022-11-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-25T09:20:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0446"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debuginfo-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:delve-debugsource-0:1.8.3-1.module+el8.7.0+15126+0e0a42d9.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:go-toolset-0:1.18.9-1.module+el8.7.0+17845+708ebe87.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.src::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.aarch64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.ppc64le::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.s390x::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-bin-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-docs-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-misc-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-race-0:1.18.9-1.module+el8.7.0+17640+84246675.x86_64::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-src-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8",
"AppStream-8.7.0.Z.MAIN:golang-tests-0:1.18.9-1.module+el8.7.0+17640+84246675.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests"
}
]
}
RHSA-2023:0584
Vulnerability from csaf_redhat - Published: 2023-05-18 14:27 - Updated: 2026-05-28 21:01
A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request's form field is set after the reverse proxy's director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64 | — | | |
A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64 | — | | |
An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64 | — | | Vendor Fix (fix); Workaround |
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64 | — | | Workaround |
A flaw was found in the golang package. The JoinPath doesn't remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64 | — | | |
A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64 | — | | |
A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64 | — | | |
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64 | — | | |
A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64 | — | | Vendor Fix (fix) |
| Unresolved product id: 8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64 | — | | |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Secondary Scheduler Operator for Red Hat OpenShift 1.1.1\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives\na\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Secondary Scheduler Operator for Red Hat OpenShift 1.1.1\n\nSecurity Fix(es):\n\n* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)\n* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)\n* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\n* golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)\n* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)\n* golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)\n* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0584",
"url": "https://access.redhat.com/errata/RHSA-2023:0584"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2113814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814"
},
{
"category": "external",
"summary": "2124668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
},
{
"category": "external",
"summary": "2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "2178488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488"
},
{
"category": "external",
"summary": "2178492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
},
{
"category": "external",
"summary": "WRKLDS-653",
"url": "https://issues.redhat.com/browse/WRKLDS-653"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0584.json"
}
],
"title": "Red Hat Security Advisory: Secondary Scheduler Operator for Red Hat OpenShift 1.1.1 security update",
"tracking": {
"current_release_date": "2026-05-28T21:01:23+00:00",
"generator": {
"date": "2026-05-28T21:01:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2023:0584",
"initial_release_date": "2023-05-18T14:27:34+00:00",
"revision_history": [
{
"date": "2023-05-18T14:27:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-05-18T14:27:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T21:01:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OSSO 1.1 for RHEL 8",
"product": {
"name": "OSSO 1.1 for RHEL 8",
"product_id": "8Base-OSSO-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_secondary_scheduler:1.1::el8"
}
}
}
],
"category": "product_family",
"name": "Openshift Secondary Scheduler Operator"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64",
"product": {
"name": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64",
"product_id": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle\u0026tag=v1.1-26"
}
}
},
{
"category": "product_version",
"name": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64",
"product": {
"name": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64",
"product_id": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64",
"product_identification_helper": {
"purl": "pkg:oci/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83?arch=amd64\u0026repository_url=registry.redhat.io/openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8\u0026tag=v1.1-26"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64 as a component of OSSO 1.1 for RHEL 8",
"product_id": "8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
},
"product_reference": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64",
"relates_to_product_reference": "8Base-OSSO-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64 as a component of OSSO 1.1 for RHEL 8",
"product_id": "8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
},
"product_reference": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64",
"relates_to_product_reference": "8Base-OSSO-1.1"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Daniel Abeles"
],
"organization": "Head of Research, Oxeye"
},
{
"names": [
"Gal Goldstein"
],
"organization": "Security Researcher, Oxeye"
}
],
"cve": "CVE-2022-2880",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132868"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"known_not_affected": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2880"
},
{
"category": "external",
"summary": "RHBZ#2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54663",
"url": "https://github.com/golang/go/issues/54663"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-18T14:27:34+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0584"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters"
},
{
"cve": "CVE-2022-27664",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124669"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: handle server errors after sending GOAWAY",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"known_not_affected": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "RHBZ#2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664"
},
{
"category": "external",
"summary": "https://go.dev/issue/54658",
"url": "https://go.dev/issue/54658"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-18T14:27:34+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0584"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: handle server errors after sending GOAWAY"
},
{
"cve": "CVE-2022-32189",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-08-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2113814"
}
],
"notes": [
{
"category": "description",
"text": "An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw stems from a particular and specific method (GoBDecode) which isn\u0027t commonly used. There are few components within Red Hat offerings which call this function. In rare cases where this method is called, the component limits possible damage or it is not possible to be triggered by an attacker. For these combined reasons the impact has been downgraded to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"known_not_affected": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32189"
},
{
"category": "external",
"summary": "RHBZ#2113814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189"
},
{
"category": "external",
"summary": "https://go.dev/issue/53871",
"url": "https://go.dev/issue/53871"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU",
"url": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU"
}
],
"release_date": "2022-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-18T14:27:34+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0584"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service"
},
{
"cve": "CVE-2022-32190",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. The JoinPath doesn\u0027t remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: JoinPath does not strip relative path components in all circumstances",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerable functions, JoinPath and URL.JoinPath was introduced in upstream go1.19, whereas, RHEL ships go1.17 and go1.18 versions, which does not contain the vulnerable code. Hence, packages shipped with RHEL-8, RHEL-9 are not affected.\n\nAll Y stream releases of OpenShift Container Platform 4 run on RHEL-8 or RHEL-9, so OCP 4 is also not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"known_not_affected": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32190"
},
{
"category": "external",
"summary": "RHBZ#2124668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190"
},
{
"category": "external",
"summary": "https://go.dev/issue/54385",
"url": "https://go.dev/issue/54385"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-18T14:27:34+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0584"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/url: JoinPath does not strip relative path components in all circumstances"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-41715",
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: regexp/syntax: limit memory used by parsing regexps",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"known_not_affected": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "RHBZ#2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/55949",
"url": "https://github.com/golang/go/issues/55949"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-18T14:27:34+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0584"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: regexp/syntax: limit memory used by parsing regexps"
},
{
"cve": "CVE-2022-41717",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-01-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2161274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"known_not_affected": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "RHBZ#2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717"
},
{
"category": "external",
"summary": "https://go.dev/cl/455635",
"url": "https://go.dev/cl/455635"
},
{
"category": "external",
"summary": "https://go.dev/cl/455717",
"url": "https://go.dev/cl/455717"
},
{
"category": "external",
"summary": "https://go.dev/issue/56350",
"url": "https://go.dev/issue/56350"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2022-1144",
"url": "https://pkg.go.dev/vuln/GO-2022-1144"
}
],
"release_date": "2022-11-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-18T14:27:34+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0584"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests"
},
{
"cve": "CVE-2022-41724",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178492"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: large handshake records may cause panics",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a denial of service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"known_not_affected": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41724"
},
{
"category": "external",
"summary": "RHBZ#2178492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724"
},
{
"category": "external",
"summary": "https://go.dev/cl/468125",
"url": "https://go.dev/cl/468125"
},
{
"category": "external",
"summary": "https://go.dev/issue/58001",
"url": "https://go.dev/issue/58001"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1570",
"url": "https://pkg.go.dev/vuln/GO-2023-1570"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-18T14:27:34+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0584"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: large handshake records may cause panics"
},
{
"cve": "CVE-2022-41725",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178488"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, mime/multipart: denial of service from excessive resource consumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"known_not_affected": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41725"
},
{
"category": "external",
"summary": "RHBZ#2178488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725"
},
{
"category": "external",
"summary": "https://go.dev/cl/468124",
"url": "https://go.dev/cl/468124"
},
{
"category": "external",
"summary": "https://go.dev/issue/58006",
"url": "https://go.dev/issue/58006"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1569",
"url": "https://pkg.go.dev/vuln/GO-2023-1569"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-18T14:27:34+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0584"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:bae76f2dbbc1900048dc213026a284d7b8ef2cc07a0708eeafacacf14ae511b6_amd64",
"8Base-OSSO-1.1:openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8@sha256:13581442e0c3534437ba716096f7aad0c7d78a6bac74ffaaaac1c43605861d83_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, mime/multipart: denial of service from excessive resource consumption"
}
]
}
RHSA-2023:0631
Vulnerability from csaf_redhat - Published: 2023-02-07 17:23 - Updated: 2026-02-17 02:10
A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the reverse proxy's Director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64 | — | | Vendor Fix |
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x | — | | Vendor Fix |
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64 | — | | Vendor Fix |
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le | — | | Vendor Fix |

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/lighthouse-agent-rhel8@sha256:135a7d6329ff7accf471f81b7cc235454a8de632d82eff7472769908dee4ea62_ppc64le | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/lighthouse-agent-rhel8@sha256:3889ac37818edf1a73a78b21117f21e03e6c5d04afce4e087df0915d29f7ae0b_arm64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/lighthouse-agent-rhel8@sha256:61504950ebe4601f60431611d6edcb825cf07781490dec3cf8dedf77c8bb3bc5_s390x | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/lighthouse-agent-rhel8@sha256:9b75b42c8b9cfb029e76b806e8eb9dc3178a76e358abf7a5ea56b50503f9b6e6_amd64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/lighthouse-coredns-rhel8@sha256:323319be40279b7c001bda0a7eae67b5662c1e7c9a9621a9ce9ec66b32ee4bbc_amd64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/lighthouse-coredns-rhel8@sha256:dbe8522519a073ed4620886586b4d0b467f1383d35b42ee779b60fc4733abe53_s390x | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/lighthouse-coredns-rhel8@sha256:e66ef48970b4a4755c1677687508036927717fff47d24864cee09eb169930755_ppc64le | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/lighthouse-coredns-rhel8@sha256:ed7b1d9eaa0fb5395b579214fcbb8c6c9f47147711affed6c40a9ea76e3ec5cc_arm64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/nettest-rhel8@sha256:21280d682e06e920a6620e823ff873dd7f26bcdf1f5e6afeaea33bd17fc90b32_arm64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/nettest-rhel8@sha256:80ecc8810042471f15091d785dc7c34cdb0afa7c845784c0a40a82244c51f132_ppc64le | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/nettest-rhel8@sha256:f2eb14197331ee3fc6a022f17f22ca5b8ee54f76783ffa9e581a0eca5377122e_amd64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/nettest-rhel8@sha256:fbfda748f9522137e99a91b4961ad2fb4e582256f1f25fb5f16d498f67dc99d8_s390x | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-gateway-rhel8@sha256:4feb9fd7fa4da86d7eefbc8b1704cda6f9c9920c1b2903aca7b136532c56c3b9_amd64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-gateway-rhel8@sha256:62cd51e00ca635ea41ae24b522c67b90299ce5914d72b4e89343f8eb3a8248d6_ppc64le | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-gateway-rhel8@sha256:e9157a51b02b5ba0e44f1e25bf96c7ea950ba6576935ea6be0a3b14781bc0a37_arm64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-gateway-rhel8@sha256:f937e339d6e3639faefecb07a91e065fd8417ddd7d094c325463719e007f56db_s390x | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-globalnet-rhel8@sha256:5924cc9a8092d6282afca8f4cdcbfd8c8fb7c5cafd86a69537b2fd619824f184_arm64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-globalnet-rhel8@sha256:67b56f6fbcb14caae9f1b20513d322deeed666a872ef02b5a73a5cf088183795_amd64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-globalnet-rhel8@sha256:7fca711199f677e53818bc75001ba8f327d3f0f3e322c11c6a187a2cfb41a9af_s390x | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-globalnet-rhel8@sha256:edbd6157d552db94cc6edba05f4a0341e5f98849d26225dbd301da4a103c67f2_ppc64le | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-networkplugin-syncer-rhel8@sha256:5d65182dd2cafc18c987f1ef9ed16b1ddffe1deef4070e821a6eeb33b1752b6e_arm64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-networkplugin-syncer-rhel8@sha256:98e572c91453a607b140421d5711ff9c2f0ce1a0999243868280fcb667e7632c_ppc64le | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-networkplugin-syncer-rhel8@sha256:b9444ac6e5099190de999300a06a3f2f91f01c569a83ca7ff1cfbc40a2b72174_s390x | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-networkplugin-syncer-rhel8@sha256:f8f3399de2bf019925cc85b89cc85f15049a7b135af97bdcff94aeaac5fe5762_amd64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-operator-bundle@sha256:5fd5a4910c4997a182ccb786fd22cf213bd651d0e14eb1645a150045bc47a779_ppc64le | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-operator-bundle@sha256:69f061caec1403b1e4f002207a0b8acdc41ada2f9c7f46767648d05672d8c8ca_amd64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-operator-bundle@sha256:87b55b71c541c1edbe454185d728490eb39529d2b83f8e6c8443d334f9f81f3b_s390x | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-operator-bundle@sha256:9f145c2eabacbcfa25a172a6de2516ad4a9e513c3d67b205e9a7e7069e8e4d4a_arm64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-rhel8-operator@sha256:3e054a396afcd57fd953856553f1c9d8f17b68ea9314a7307a9ead51dcb1f5c5_amd64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-rhel8-operator@sha256:727ac19ec8bbeed1a13b2ee09fe075a305c3fc3f568cfe40b499321a94061e50_ppc64le | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-rhel8-operator@sha256:c0e26f8db9a5c0691185f80e6dcdd86d6a57c61e4066fdfd10eb8e31bed1469e_s390x | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-rhel8-operator@sha256:c643fc44d3af4c3fd8671af2378bef068796fe98669b71579e50c154f2337b92_arm64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-route-agent-rhel8@sha256:4818471887484d8bb5ec2801c7fc98ef3cc52139c68f1f95a72ff9b54c124e3c_amd64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-route-agent-rhel8@sha256:5a3456edbe7796c9570bb01c6e720f4c32ba6e0a5051d0282f5b0db67fd8ea2c_arm64 | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-route-agent-rhel8@sha256:cdb405309b67640fe75ec802c5f3793b55217044f527c611b5155d6799b2e666_ppc64le | — | ||
| Unresolved product id: 8Base-RHACM-2.7:rhacm2/submariner-route-agent-rhel8@sha256:efa917cc9518c1c15ae18d290b5bd4442afcacfcd7017c4e3470c3ce87ec6da5_s390x | — |
A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.
A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.
A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Submariner 0.14 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.7\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud.\n\nFor more information about Submariner, see the Submariner open source community website at: https://submariner.io/.\n\nThis advisory contains bug fixes and enhancements to the Submariner container images.\n\nSecurity fixes:\n\n* CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY\n* CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters\n* CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps\n* CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests\n\nBugs addressed:\n\n* subctl diagnose firewall metrics does not work on merged kubeconfig (BZ# 2013711)\n* [Submariner] - Fails to increase gateway amount after deployment (BZ# 2097381)\n* Submariner gateway node does not get deleted with subctl cloud cleanup command (BZ# 2108634)\n* submariner GW pods are unable to resolve the DNS of the Broker K8s API URL (BZ# 2119362)\n* Submariner gateway node does not get deployed after applying ManagedClusterAddOn on Openstack (BZ# 2124219)\n* unable to run subctl benchmark latency, pods fail with ImagePullBackOff (BZ# 2130326)\n* [IBM Z] - Submariner addon unistallation doesnt work from ACM console (BZ# 2136442)\n* Tags on AWS security group for gateway node break cloud-controller LoadBalancer (BZ# 2139477)\n* RHACM - Submariner: UI support for OpenStack #19297 (ACM-1242)\n* Submariner OVN support (ACM-1358)\n* Submariner Azure Console support (ACM-1388)\n* ManagedClusterSet consumers migrate to v1beta2 (ACM-1614)\n* Submariner on disconnected ACM #22000 (ACM-1678)\n* Submariner gateway: Error creating AWS security group if already exists (ACM-2055)\n* Submariner gateway security group in AWS not deleted when uninstalling submariner (ACM-2057)\n* The submariner-metrics-proxy pod pulls an image with wrong naming convention (ACM-2058)\n* The submariner-metrics-proxy pod is not part of the Agent readiness check (ACM-2067)\n* Subctl 0.14.0 prints version \"vsubctl\" (ACM-2132)\n* managedclusters \"local-cluster\" not found and missing Submariner Broker CRD (ACM-2145)\n* Add support of ARO to Submariner deployment (ACM-2150)\n* The e2e tests execution fails for \"Basic TCP connectivity\" tests (ACM-2204)\n* Gateway error shown \"diagnose all\" tests (ACM-2206)\n* Submariner does not support cluster \"kube-proxy ipvs mode\"(ACM-2211)\n* Vsphere cluster shows Pod Security admission controller warnings (ACM-2256)\n* Cannot use submariner with OSP and self signed certs (ACM-2274)\n* Subctl diagnose tests spawn nettest image with wrong tag nameing convention (ACM-2387)\n* Subctl 0.14.1 prints version \"devel\" (ACM-2482)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0631",
"url": "https://access.redhat.com/errata/RHSA-2023:0631"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2013711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013711"
},
{
"category": "external",
"summary": "2097381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097381"
},
{
"category": "external",
"summary": "2108634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108634"
},
{
"category": "external",
"summary": "2119362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119362"
},
{
"category": "external",
"summary": "2124219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124219"
},
{
"category": "external",
"summary": "2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "2130326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130326"
},
{
"category": "external",
"summary": "2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "2136442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136442"
},
{
"category": "external",
"summary": "2139477",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139477"
},
{
"category": "external",
"summary": "2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "ACM-1614",
"url": "https://issues.redhat.com/browse/ACM-1614"
},
{
"category": "external",
"summary": "ACM-2055",
"url": "https://issues.redhat.com/browse/ACM-2055"
},
{
"category": "external",
"summary": "ACM-2057",
"url": "https://issues.redhat.com/browse/ACM-2057"
},
{
"category": "external",
"summary": "ACM-2058",
"url": "https://issues.redhat.com/browse/ACM-2058"
},
{
"category": "external",
"summary": "ACM-2067",
"url": "https://issues.redhat.com/browse/ACM-2067"
},
{
"category": "external",
"summary": "ACM-2132",
"url": "https://issues.redhat.com/browse/ACM-2132"
},
{
"category": "external",
"summary": "ACM-2145",
"url": "https://issues.redhat.com/browse/ACM-2145"
},
{
"category": "external",
"summary": "ACM-2150",
"url": "https://issues.redhat.com/browse/ACM-2150"
},
{
"category": "external",
"summary": "ACM-2204",
"url": "https://issues.redhat.com/browse/ACM-2204"
},
{
"category": "external",
"summary": "ACM-2206",
"url": "https://issues.redhat.com/browse/ACM-2206"
},
{
"category": "external",
"summary": "ACM-2211",
"url": "https://issues.redhat.com/browse/ACM-2211"
},
{
"category": "external",
"summary": "ACM-2256",
"url": "https://issues.redhat.com/browse/ACM-2256"
},
{
"category": "external",
"summary": "ACM-2274",
"url": "https://issues.redhat.com/browse/ACM-2274"
},
{
"category": "external",
"summary": "ACM-2387",
"url": "https://issues.redhat.com/browse/ACM-2387"
},
{
"category": "external",
"summary": "ACM-2482",
"url": "https://issues.redhat.com/browse/ACM-2482"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0631.json"
}
],
"title": "Red Hat Security Advisory: RHSA: Submariner 0.14 - bug fix and security updates",
"tracking": {
"current_release_date": "2026-02-17T02:10:22+00:00",
"generator": {
"date": "2026-02-17T02:10:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2023:0631",
"initial_release_date": "2023-02-07T17:23:40+00:00",
"revision_history": [
{
"date": "2023-02-07T17:23:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-02-07T17:23:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-17T02:10:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product": {
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:acm:2.7::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat ACM"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel8@sha256:135a7d6329ff7accf471f81b7cc235454a8de632d82eff7472769908dee4ea62_ppc64le",
"product": {
"name": "rhacm2/lighthouse-agent-rhel8@sha256:135a7d6329ff7accf471f81b7cc235454a8de632d82eff7472769908dee4ea62_ppc64le",
"product_id": "rhacm2/lighthouse-agent-rhel8@sha256:135a7d6329ff7accf471f81b7cc235454a8de632d82eff7472769908dee4ea62_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel8@sha256:135a7d6329ff7accf471f81b7cc235454a8de632d82eff7472769908dee4ea62?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel8@sha256:e66ef48970b4a4755c1677687508036927717fff47d24864cee09eb169930755_ppc64le",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel8@sha256:e66ef48970b4a4755c1677687508036927717fff47d24864cee09eb169930755_ppc64le",
"product_id": "rhacm2/lighthouse-coredns-rhel8@sha256:e66ef48970b4a4755c1677687508036927717fff47d24864cee09eb169930755_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel8@sha256:e66ef48970b4a4755c1677687508036927717fff47d24864cee09eb169930755?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel8@sha256:80ecc8810042471f15091d785dc7c34cdb0afa7c845784c0a40a82244c51f132_ppc64le",
"product": {
"name": "rhacm2/nettest-rhel8@sha256:80ecc8810042471f15091d785dc7c34cdb0afa7c845784c0a40a82244c51f132_ppc64le",
"product_id": "rhacm2/nettest-rhel8@sha256:80ecc8810042471f15091d785dc7c34cdb0afa7c845784c0a40a82244c51f132_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel8@sha256:80ecc8810042471f15091d785dc7c34cdb0afa7c845784c0a40a82244c51f132?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le",
"product": {
"name": "rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le",
"product_id": "rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel8\u0026tag=v0.14.1-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel8@sha256:62cd51e00ca635ea41ae24b522c67b90299ce5914d72b4e89343f8eb3a8248d6_ppc64le",
"product": {
"name": "rhacm2/submariner-gateway-rhel8@sha256:62cd51e00ca635ea41ae24b522c67b90299ce5914d72b4e89343f8eb3a8248d6_ppc64le",
"product_id": "rhacm2/submariner-gateway-rhel8@sha256:62cd51e00ca635ea41ae24b522c67b90299ce5914d72b4e89343f8eb3a8248d6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel8@sha256:62cd51e00ca635ea41ae24b522c67b90299ce5914d72b4e89343f8eb3a8248d6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel8@sha256:edbd6157d552db94cc6edba05f4a0341e5f98849d26225dbd301da4a103c67f2_ppc64le",
"product": {
"name": "rhacm2/submariner-globalnet-rhel8@sha256:edbd6157d552db94cc6edba05f4a0341e5f98849d26225dbd301da4a103c67f2_ppc64le",
"product_id": "rhacm2/submariner-globalnet-rhel8@sha256:edbd6157d552db94cc6edba05f4a0341e5f98849d26225dbd301da4a103c67f2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel8@sha256:edbd6157d552db94cc6edba05f4a0341e5f98849d26225dbd301da4a103c67f2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel8\u0026tag=v0.14.1-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:98e572c91453a607b140421d5711ff9c2f0ce1a0999243868280fcb667e7632c_ppc64le",
"product": {
"name": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:98e572c91453a607b140421d5711ff9c2f0ce1a0999243868280fcb667e7632c_ppc64le",
"product_id": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:98e572c91453a607b140421d5711ff9c2f0ce1a0999243868280fcb667e7632c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-networkplugin-syncer-rhel8@sha256:98e572c91453a607b140421d5711ff9c2f0ce1a0999243868280fcb667e7632c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-networkplugin-syncer-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:5fd5a4910c4997a182ccb786fd22cf213bd651d0e14eb1645a150045bc47a779_ppc64le",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:5fd5a4910c4997a182ccb786fd22cf213bd651d0e14eb1645a150045bc47a779_ppc64le",
"product_id": "rhacm2/submariner-operator-bundle@sha256:5fd5a4910c4997a182ccb786fd22cf213bd651d0e14eb1645a150045bc47a779_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:5fd5a4910c4997a182ccb786fd22cf213bd651d0e14eb1645a150045bc47a779?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.14.1-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel8-operator@sha256:727ac19ec8bbeed1a13b2ee09fe075a305c3fc3f568cfe40b499321a94061e50_ppc64le",
"product": {
"name": "rhacm2/submariner-rhel8-operator@sha256:727ac19ec8bbeed1a13b2ee09fe075a305c3fc3f568cfe40b499321a94061e50_ppc64le",
"product_id": "rhacm2/submariner-rhel8-operator@sha256:727ac19ec8bbeed1a13b2ee09fe075a305c3fc3f568cfe40b499321a94061e50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel8-operator@sha256:727ac19ec8bbeed1a13b2ee09fe075a305c3fc3f568cfe40b499321a94061e50?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel8-operator\u0026tag=v0.14.1-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel8@sha256:cdb405309b67640fe75ec802c5f3793b55217044f527c611b5155d6799b2e666_ppc64le",
"product": {
"name": "rhacm2/submariner-route-agent-rhel8@sha256:cdb405309b67640fe75ec802c5f3793b55217044f527c611b5155d6799b2e666_ppc64le",
"product_id": "rhacm2/submariner-route-agent-rhel8@sha256:cdb405309b67640fe75ec802c5f3793b55217044f527c611b5155d6799b2e666_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel8@sha256:cdb405309b67640fe75ec802c5f3793b55217044f527c611b5155d6799b2e666?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel8\u0026tag=v0.14.1-7"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel8@sha256:3889ac37818edf1a73a78b21117f21e03e6c5d04afce4e087df0915d29f7ae0b_arm64",
"product": {
"name": "rhacm2/lighthouse-agent-rhel8@sha256:3889ac37818edf1a73a78b21117f21e03e6c5d04afce4e087df0915d29f7ae0b_arm64",
"product_id": "rhacm2/lighthouse-agent-rhel8@sha256:3889ac37818edf1a73a78b21117f21e03e6c5d04afce4e087df0915d29f7ae0b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel8@sha256:3889ac37818edf1a73a78b21117f21e03e6c5d04afce4e087df0915d29f7ae0b?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel8@sha256:ed7b1d9eaa0fb5395b579214fcbb8c6c9f47147711affed6c40a9ea76e3ec5cc_arm64",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel8@sha256:ed7b1d9eaa0fb5395b579214fcbb8c6c9f47147711affed6c40a9ea76e3ec5cc_arm64",
"product_id": "rhacm2/lighthouse-coredns-rhel8@sha256:ed7b1d9eaa0fb5395b579214fcbb8c6c9f47147711affed6c40a9ea76e3ec5cc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel8@sha256:ed7b1d9eaa0fb5395b579214fcbb8c6c9f47147711affed6c40a9ea76e3ec5cc?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel8@sha256:21280d682e06e920a6620e823ff873dd7f26bcdf1f5e6afeaea33bd17fc90b32_arm64",
"product": {
"name": "rhacm2/nettest-rhel8@sha256:21280d682e06e920a6620e823ff873dd7f26bcdf1f5e6afeaea33bd17fc90b32_arm64",
"product_id": "rhacm2/nettest-rhel8@sha256:21280d682e06e920a6620e823ff873dd7f26bcdf1f5e6afeaea33bd17fc90b32_arm64",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel8@sha256:21280d682e06e920a6620e823ff873dd7f26bcdf1f5e6afeaea33bd17fc90b32?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64",
"product": {
"name": "rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64",
"product_id": "rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel8\u0026tag=v0.14.1-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel8@sha256:e9157a51b02b5ba0e44f1e25bf96c7ea950ba6576935ea6be0a3b14781bc0a37_arm64",
"product": {
"name": "rhacm2/submariner-gateway-rhel8@sha256:e9157a51b02b5ba0e44f1e25bf96c7ea950ba6576935ea6be0a3b14781bc0a37_arm64",
"product_id": "rhacm2/submariner-gateway-rhel8@sha256:e9157a51b02b5ba0e44f1e25bf96c7ea950ba6576935ea6be0a3b14781bc0a37_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel8@sha256:e9157a51b02b5ba0e44f1e25bf96c7ea950ba6576935ea6be0a3b14781bc0a37?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel8@sha256:5924cc9a8092d6282afca8f4cdcbfd8c8fb7c5cafd86a69537b2fd619824f184_arm64",
"product": {
"name": "rhacm2/submariner-globalnet-rhel8@sha256:5924cc9a8092d6282afca8f4cdcbfd8c8fb7c5cafd86a69537b2fd619824f184_arm64",
"product_id": "rhacm2/submariner-globalnet-rhel8@sha256:5924cc9a8092d6282afca8f4cdcbfd8c8fb7c5cafd86a69537b2fd619824f184_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel8@sha256:5924cc9a8092d6282afca8f4cdcbfd8c8fb7c5cafd86a69537b2fd619824f184?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel8\u0026tag=v0.14.1-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:5d65182dd2cafc18c987f1ef9ed16b1ddffe1deef4070e821a6eeb33b1752b6e_arm64",
"product": {
"name": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:5d65182dd2cafc18c987f1ef9ed16b1ddffe1deef4070e821a6eeb33b1752b6e_arm64",
"product_id": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:5d65182dd2cafc18c987f1ef9ed16b1ddffe1deef4070e821a6eeb33b1752b6e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-networkplugin-syncer-rhel8@sha256:5d65182dd2cafc18c987f1ef9ed16b1ddffe1deef4070e821a6eeb33b1752b6e?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-networkplugin-syncer-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:9f145c2eabacbcfa25a172a6de2516ad4a9e513c3d67b205e9a7e7069e8e4d4a_arm64",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:9f145c2eabacbcfa25a172a6de2516ad4a9e513c3d67b205e9a7e7069e8e4d4a_arm64",
"product_id": "rhacm2/submariner-operator-bundle@sha256:9f145c2eabacbcfa25a172a6de2516ad4a9e513c3d67b205e9a7e7069e8e4d4a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:9f145c2eabacbcfa25a172a6de2516ad4a9e513c3d67b205e9a7e7069e8e4d4a?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.14.1-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel8-operator@sha256:c643fc44d3af4c3fd8671af2378bef068796fe98669b71579e50c154f2337b92_arm64",
"product": {
"name": "rhacm2/submariner-rhel8-operator@sha256:c643fc44d3af4c3fd8671af2378bef068796fe98669b71579e50c154f2337b92_arm64",
"product_id": "rhacm2/submariner-rhel8-operator@sha256:c643fc44d3af4c3fd8671af2378bef068796fe98669b71579e50c154f2337b92_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel8-operator@sha256:c643fc44d3af4c3fd8671af2378bef068796fe98669b71579e50c154f2337b92?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel8-operator\u0026tag=v0.14.1-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel8@sha256:5a3456edbe7796c9570bb01c6e720f4c32ba6e0a5051d0282f5b0db67fd8ea2c_arm64",
"product": {
"name": "rhacm2/submariner-route-agent-rhel8@sha256:5a3456edbe7796c9570bb01c6e720f4c32ba6e0a5051d0282f5b0db67fd8ea2c_arm64",
"product_id": "rhacm2/submariner-route-agent-rhel8@sha256:5a3456edbe7796c9570bb01c6e720f4c32ba6e0a5051d0282f5b0db67fd8ea2c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel8@sha256:5a3456edbe7796c9570bb01c6e720f4c32ba6e0a5051d0282f5b0db67fd8ea2c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel8\u0026tag=v0.14.1-7"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel8@sha256:61504950ebe4601f60431611d6edcb825cf07781490dec3cf8dedf77c8bb3bc5_s390x",
"product": {
"name": "rhacm2/lighthouse-agent-rhel8@sha256:61504950ebe4601f60431611d6edcb825cf07781490dec3cf8dedf77c8bb3bc5_s390x",
"product_id": "rhacm2/lighthouse-agent-rhel8@sha256:61504950ebe4601f60431611d6edcb825cf07781490dec3cf8dedf77c8bb3bc5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel8@sha256:61504950ebe4601f60431611d6edcb825cf07781490dec3cf8dedf77c8bb3bc5?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel8@sha256:dbe8522519a073ed4620886586b4d0b467f1383d35b42ee779b60fc4733abe53_s390x",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel8@sha256:dbe8522519a073ed4620886586b4d0b467f1383d35b42ee779b60fc4733abe53_s390x",
"product_id": "rhacm2/lighthouse-coredns-rhel8@sha256:dbe8522519a073ed4620886586b4d0b467f1383d35b42ee779b60fc4733abe53_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel8@sha256:dbe8522519a073ed4620886586b4d0b467f1383d35b42ee779b60fc4733abe53?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel8@sha256:fbfda748f9522137e99a91b4961ad2fb4e582256f1f25fb5f16d498f67dc99d8_s390x",
"product": {
"name": "rhacm2/nettest-rhel8@sha256:fbfda748f9522137e99a91b4961ad2fb4e582256f1f25fb5f16d498f67dc99d8_s390x",
"product_id": "rhacm2/nettest-rhel8@sha256:fbfda748f9522137e99a91b4961ad2fb4e582256f1f25fb5f16d498f67dc99d8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel8@sha256:fbfda748f9522137e99a91b4961ad2fb4e582256f1f25fb5f16d498f67dc99d8?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x",
"product": {
"name": "rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x",
"product_id": "rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel8\u0026tag=v0.14.1-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel8@sha256:f937e339d6e3639faefecb07a91e065fd8417ddd7d094c325463719e007f56db_s390x",
"product": {
"name": "rhacm2/submariner-gateway-rhel8@sha256:f937e339d6e3639faefecb07a91e065fd8417ddd7d094c325463719e007f56db_s390x",
"product_id": "rhacm2/submariner-gateway-rhel8@sha256:f937e339d6e3639faefecb07a91e065fd8417ddd7d094c325463719e007f56db_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel8@sha256:f937e339d6e3639faefecb07a91e065fd8417ddd7d094c325463719e007f56db?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel8@sha256:7fca711199f677e53818bc75001ba8f327d3f0f3e322c11c6a187a2cfb41a9af_s390x",
"product": {
"name": "rhacm2/submariner-globalnet-rhel8@sha256:7fca711199f677e53818bc75001ba8f327d3f0f3e322c11c6a187a2cfb41a9af_s390x",
"product_id": "rhacm2/submariner-globalnet-rhel8@sha256:7fca711199f677e53818bc75001ba8f327d3f0f3e322c11c6a187a2cfb41a9af_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel8@sha256:7fca711199f677e53818bc75001ba8f327d3f0f3e322c11c6a187a2cfb41a9af?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel8\u0026tag=v0.14.1-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:b9444ac6e5099190de999300a06a3f2f91f01c569a83ca7ff1cfbc40a2b72174_s390x",
"product": {
"name": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:b9444ac6e5099190de999300a06a3f2f91f01c569a83ca7ff1cfbc40a2b72174_s390x",
"product_id": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:b9444ac6e5099190de999300a06a3f2f91f01c569a83ca7ff1cfbc40a2b72174_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-networkplugin-syncer-rhel8@sha256:b9444ac6e5099190de999300a06a3f2f91f01c569a83ca7ff1cfbc40a2b72174?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-networkplugin-syncer-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:87b55b71c541c1edbe454185d728490eb39529d2b83f8e6c8443d334f9f81f3b_s390x",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:87b55b71c541c1edbe454185d728490eb39529d2b83f8e6c8443d334f9f81f3b_s390x",
"product_id": "rhacm2/submariner-operator-bundle@sha256:87b55b71c541c1edbe454185d728490eb39529d2b83f8e6c8443d334f9f81f3b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:87b55b71c541c1edbe454185d728490eb39529d2b83f8e6c8443d334f9f81f3b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.14.1-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel8-operator@sha256:c0e26f8db9a5c0691185f80e6dcdd86d6a57c61e4066fdfd10eb8e31bed1469e_s390x",
"product": {
"name": "rhacm2/submariner-rhel8-operator@sha256:c0e26f8db9a5c0691185f80e6dcdd86d6a57c61e4066fdfd10eb8e31bed1469e_s390x",
"product_id": "rhacm2/submariner-rhel8-operator@sha256:c0e26f8db9a5c0691185f80e6dcdd86d6a57c61e4066fdfd10eb8e31bed1469e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel8-operator@sha256:c0e26f8db9a5c0691185f80e6dcdd86d6a57c61e4066fdfd10eb8e31bed1469e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel8-operator\u0026tag=v0.14.1-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel8@sha256:efa917cc9518c1c15ae18d290b5bd4442afcacfcd7017c4e3470c3ce87ec6da5_s390x",
"product": {
"name": "rhacm2/submariner-route-agent-rhel8@sha256:efa917cc9518c1c15ae18d290b5bd4442afcacfcd7017c4e3470c3ce87ec6da5_s390x",
"product_id": "rhacm2/submariner-route-agent-rhel8@sha256:efa917cc9518c1c15ae18d290b5bd4442afcacfcd7017c4e3470c3ce87ec6da5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel8@sha256:efa917cc9518c1c15ae18d290b5bd4442afcacfcd7017c4e3470c3ce87ec6da5?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel8\u0026tag=v0.14.1-7"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel8@sha256:9b75b42c8b9cfb029e76b806e8eb9dc3178a76e358abf7a5ea56b50503f9b6e6_amd64",
"product": {
"name": "rhacm2/lighthouse-agent-rhel8@sha256:9b75b42c8b9cfb029e76b806e8eb9dc3178a76e358abf7a5ea56b50503f9b6e6_amd64",
"product_id": "rhacm2/lighthouse-agent-rhel8@sha256:9b75b42c8b9cfb029e76b806e8eb9dc3178a76e358abf7a5ea56b50503f9b6e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel8@sha256:9b75b42c8b9cfb029e76b806e8eb9dc3178a76e358abf7a5ea56b50503f9b6e6?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel8@sha256:323319be40279b7c001bda0a7eae67b5662c1e7c9a9621a9ce9ec66b32ee4bbc_amd64",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel8@sha256:323319be40279b7c001bda0a7eae67b5662c1e7c9a9621a9ce9ec66b32ee4bbc_amd64",
"product_id": "rhacm2/lighthouse-coredns-rhel8@sha256:323319be40279b7c001bda0a7eae67b5662c1e7c9a9621a9ce9ec66b32ee4bbc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel8@sha256:323319be40279b7c001bda0a7eae67b5662c1e7c9a9621a9ce9ec66b32ee4bbc?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel8@sha256:f2eb14197331ee3fc6a022f17f22ca5b8ee54f76783ffa9e581a0eca5377122e_amd64",
"product": {
"name": "rhacm2/nettest-rhel8@sha256:f2eb14197331ee3fc6a022f17f22ca5b8ee54f76783ffa9e581a0eca5377122e_amd64",
"product_id": "rhacm2/nettest-rhel8@sha256:f2eb14197331ee3fc6a022f17f22ca5b8ee54f76783ffa9e581a0eca5377122e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel8@sha256:f2eb14197331ee3fc6a022f17f22ca5b8ee54f76783ffa9e581a0eca5377122e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64",
"product": {
"name": "rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64",
"product_id": "rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel8\u0026tag=v0.14.1-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel8@sha256:4feb9fd7fa4da86d7eefbc8b1704cda6f9c9920c1b2903aca7b136532c56c3b9_amd64",
"product": {
"name": "rhacm2/submariner-gateway-rhel8@sha256:4feb9fd7fa4da86d7eefbc8b1704cda6f9c9920c1b2903aca7b136532c56c3b9_amd64",
"product_id": "rhacm2/submariner-gateway-rhel8@sha256:4feb9fd7fa4da86d7eefbc8b1704cda6f9c9920c1b2903aca7b136532c56c3b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel8@sha256:4feb9fd7fa4da86d7eefbc8b1704cda6f9c9920c1b2903aca7b136532c56c3b9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel8@sha256:67b56f6fbcb14caae9f1b20513d322deeed666a872ef02b5a73a5cf088183795_amd64",
"product": {
"name": "rhacm2/submariner-globalnet-rhel8@sha256:67b56f6fbcb14caae9f1b20513d322deeed666a872ef02b5a73a5cf088183795_amd64",
"product_id": "rhacm2/submariner-globalnet-rhel8@sha256:67b56f6fbcb14caae9f1b20513d322deeed666a872ef02b5a73a5cf088183795_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel8@sha256:67b56f6fbcb14caae9f1b20513d322deeed666a872ef02b5a73a5cf088183795?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel8\u0026tag=v0.14.1-10"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:f8f3399de2bf019925cc85b89cc85f15049a7b135af97bdcff94aeaac5fe5762_amd64",
"product": {
"name": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:f8f3399de2bf019925cc85b89cc85f15049a7b135af97bdcff94aeaac5fe5762_amd64",
"product_id": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:f8f3399de2bf019925cc85b89cc85f15049a7b135af97bdcff94aeaac5fe5762_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-networkplugin-syncer-rhel8@sha256:f8f3399de2bf019925cc85b89cc85f15049a7b135af97bdcff94aeaac5fe5762?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-networkplugin-syncer-rhel8\u0026tag=v0.14.1-7"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:69f061caec1403b1e4f002207a0b8acdc41ada2f9c7f46767648d05672d8c8ca_amd64",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:69f061caec1403b1e4f002207a0b8acdc41ada2f9c7f46767648d05672d8c8ca_amd64",
"product_id": "rhacm2/submariner-operator-bundle@sha256:69f061caec1403b1e4f002207a0b8acdc41ada2f9c7f46767648d05672d8c8ca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:69f061caec1403b1e4f002207a0b8acdc41ada2f9c7f46767648d05672d8c8ca?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.14.1-16"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel8-operator@sha256:3e054a396afcd57fd953856553f1c9d8f17b68ea9314a7307a9ead51dcb1f5c5_amd64",
"product": {
"name": "rhacm2/submariner-rhel8-operator@sha256:3e054a396afcd57fd953856553f1c9d8f17b68ea9314a7307a9ead51dcb1f5c5_amd64",
"product_id": "rhacm2/submariner-rhel8-operator@sha256:3e054a396afcd57fd953856553f1c9d8f17b68ea9314a7307a9ead51dcb1f5c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel8-operator@sha256:3e054a396afcd57fd953856553f1c9d8f17b68ea9314a7307a9ead51dcb1f5c5?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel8-operator\u0026tag=v0.14.1-9"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel8@sha256:4818471887484d8bb5ec2801c7fc98ef3cc52139c68f1f95a72ff9b54c124e3c_amd64",
"product": {
"name": "rhacm2/submariner-route-agent-rhel8@sha256:4818471887484d8bb5ec2801c7fc98ef3cc52139c68f1f95a72ff9b54c124e3c_amd64",
"product_id": "rhacm2/submariner-route-agent-rhel8@sha256:4818471887484d8bb5ec2801c7fc98ef3cc52139c68f1f95a72ff9b54c124e3c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel8@sha256:4818471887484d8bb5ec2801c7fc98ef3cc52139c68f1f95a72ff9b54c124e3c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel8\u0026tag=v0.14.1-7"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel8@sha256:135a7d6329ff7accf471f81b7cc235454a8de632d82eff7472769908dee4ea62_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/lighthouse-agent-rhel8@sha256:135a7d6329ff7accf471f81b7cc235454a8de632d82eff7472769908dee4ea62_ppc64le"
},
"product_reference": "rhacm2/lighthouse-agent-rhel8@sha256:135a7d6329ff7accf471f81b7cc235454a8de632d82eff7472769908dee4ea62_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel8@sha256:3889ac37818edf1a73a78b21117f21e03e6c5d04afce4e087df0915d29f7ae0b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/lighthouse-agent-rhel8@sha256:3889ac37818edf1a73a78b21117f21e03e6c5d04afce4e087df0915d29f7ae0b_arm64"
},
"product_reference": "rhacm2/lighthouse-agent-rhel8@sha256:3889ac37818edf1a73a78b21117f21e03e6c5d04afce4e087df0915d29f7ae0b_arm64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel8@sha256:61504950ebe4601f60431611d6edcb825cf07781490dec3cf8dedf77c8bb3bc5_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/lighthouse-agent-rhel8@sha256:61504950ebe4601f60431611d6edcb825cf07781490dec3cf8dedf77c8bb3bc5_s390x"
},
"product_reference": "rhacm2/lighthouse-agent-rhel8@sha256:61504950ebe4601f60431611d6edcb825cf07781490dec3cf8dedf77c8bb3bc5_s390x",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel8@sha256:9b75b42c8b9cfb029e76b806e8eb9dc3178a76e358abf7a5ea56b50503f9b6e6_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/lighthouse-agent-rhel8@sha256:9b75b42c8b9cfb029e76b806e8eb9dc3178a76e358abf7a5ea56b50503f9b6e6_amd64"
},
"product_reference": "rhacm2/lighthouse-agent-rhel8@sha256:9b75b42c8b9cfb029e76b806e8eb9dc3178a76e358abf7a5ea56b50503f9b6e6_amd64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel8@sha256:323319be40279b7c001bda0a7eae67b5662c1e7c9a9621a9ce9ec66b32ee4bbc_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/lighthouse-coredns-rhel8@sha256:323319be40279b7c001bda0a7eae67b5662c1e7c9a9621a9ce9ec66b32ee4bbc_amd64"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel8@sha256:323319be40279b7c001bda0a7eae67b5662c1e7c9a9621a9ce9ec66b32ee4bbc_amd64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel8@sha256:dbe8522519a073ed4620886586b4d0b467f1383d35b42ee779b60fc4733abe53_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/lighthouse-coredns-rhel8@sha256:dbe8522519a073ed4620886586b4d0b467f1383d35b42ee779b60fc4733abe53_s390x"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel8@sha256:dbe8522519a073ed4620886586b4d0b467f1383d35b42ee779b60fc4733abe53_s390x",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel8@sha256:e66ef48970b4a4755c1677687508036927717fff47d24864cee09eb169930755_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/lighthouse-coredns-rhel8@sha256:e66ef48970b4a4755c1677687508036927717fff47d24864cee09eb169930755_ppc64le"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel8@sha256:e66ef48970b4a4755c1677687508036927717fff47d24864cee09eb169930755_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel8@sha256:ed7b1d9eaa0fb5395b579214fcbb8c6c9f47147711affed6c40a9ea76e3ec5cc_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/lighthouse-coredns-rhel8@sha256:ed7b1d9eaa0fb5395b579214fcbb8c6c9f47147711affed6c40a9ea76e3ec5cc_arm64"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel8@sha256:ed7b1d9eaa0fb5395b579214fcbb8c6c9f47147711affed6c40a9ea76e3ec5cc_arm64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel8@sha256:21280d682e06e920a6620e823ff873dd7f26bcdf1f5e6afeaea33bd17fc90b32_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/nettest-rhel8@sha256:21280d682e06e920a6620e823ff873dd7f26bcdf1f5e6afeaea33bd17fc90b32_arm64"
},
"product_reference": "rhacm2/nettest-rhel8@sha256:21280d682e06e920a6620e823ff873dd7f26bcdf1f5e6afeaea33bd17fc90b32_arm64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel8@sha256:80ecc8810042471f15091d785dc7c34cdb0afa7c845784c0a40a82244c51f132_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/nettest-rhel8@sha256:80ecc8810042471f15091d785dc7c34cdb0afa7c845784c0a40a82244c51f132_ppc64le"
},
"product_reference": "rhacm2/nettest-rhel8@sha256:80ecc8810042471f15091d785dc7c34cdb0afa7c845784c0a40a82244c51f132_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel8@sha256:f2eb14197331ee3fc6a022f17f22ca5b8ee54f76783ffa9e581a0eca5377122e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/nettest-rhel8@sha256:f2eb14197331ee3fc6a022f17f22ca5b8ee54f76783ffa9e581a0eca5377122e_amd64"
},
"product_reference": "rhacm2/nettest-rhel8@sha256:f2eb14197331ee3fc6a022f17f22ca5b8ee54f76783ffa9e581a0eca5377122e_amd64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel8@sha256:fbfda748f9522137e99a91b4961ad2fb4e582256f1f25fb5f16d498f67dc99d8_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/nettest-rhel8@sha256:fbfda748f9522137e99a91b4961ad2fb4e582256f1f25fb5f16d498f67dc99d8_s390x"
},
"product_reference": "rhacm2/nettest-rhel8@sha256:fbfda748f9522137e99a91b4961ad2fb4e582256f1f25fb5f16d498f67dc99d8_s390x",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64"
},
"product_reference": "rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x"
},
"product_reference": "rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64"
},
"product_reference": "rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le"
},
"product_reference": "rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel8@sha256:4feb9fd7fa4da86d7eefbc8b1704cda6f9c9920c1b2903aca7b136532c56c3b9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-gateway-rhel8@sha256:4feb9fd7fa4da86d7eefbc8b1704cda6f9c9920c1b2903aca7b136532c56c3b9_amd64"
},
"product_reference": "rhacm2/submariner-gateway-rhel8@sha256:4feb9fd7fa4da86d7eefbc8b1704cda6f9c9920c1b2903aca7b136532c56c3b9_amd64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel8@sha256:62cd51e00ca635ea41ae24b522c67b90299ce5914d72b4e89343f8eb3a8248d6_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-gateway-rhel8@sha256:62cd51e00ca635ea41ae24b522c67b90299ce5914d72b4e89343f8eb3a8248d6_ppc64le"
},
"product_reference": "rhacm2/submariner-gateway-rhel8@sha256:62cd51e00ca635ea41ae24b522c67b90299ce5914d72b4e89343f8eb3a8248d6_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel8@sha256:e9157a51b02b5ba0e44f1e25bf96c7ea950ba6576935ea6be0a3b14781bc0a37_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-gateway-rhel8@sha256:e9157a51b02b5ba0e44f1e25bf96c7ea950ba6576935ea6be0a3b14781bc0a37_arm64"
},
"product_reference": "rhacm2/submariner-gateway-rhel8@sha256:e9157a51b02b5ba0e44f1e25bf96c7ea950ba6576935ea6be0a3b14781bc0a37_arm64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel8@sha256:f937e339d6e3639faefecb07a91e065fd8417ddd7d094c325463719e007f56db_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-gateway-rhel8@sha256:f937e339d6e3639faefecb07a91e065fd8417ddd7d094c325463719e007f56db_s390x"
},
"product_reference": "rhacm2/submariner-gateway-rhel8@sha256:f937e339d6e3639faefecb07a91e065fd8417ddd7d094c325463719e007f56db_s390x",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel8@sha256:5924cc9a8092d6282afca8f4cdcbfd8c8fb7c5cafd86a69537b2fd619824f184_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-globalnet-rhel8@sha256:5924cc9a8092d6282afca8f4cdcbfd8c8fb7c5cafd86a69537b2fd619824f184_arm64"
},
"product_reference": "rhacm2/submariner-globalnet-rhel8@sha256:5924cc9a8092d6282afca8f4cdcbfd8c8fb7c5cafd86a69537b2fd619824f184_arm64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel8@sha256:67b56f6fbcb14caae9f1b20513d322deeed666a872ef02b5a73a5cf088183795_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-globalnet-rhel8@sha256:67b56f6fbcb14caae9f1b20513d322deeed666a872ef02b5a73a5cf088183795_amd64"
},
"product_reference": "rhacm2/submariner-globalnet-rhel8@sha256:67b56f6fbcb14caae9f1b20513d322deeed666a872ef02b5a73a5cf088183795_amd64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel8@sha256:7fca711199f677e53818bc75001ba8f327d3f0f3e322c11c6a187a2cfb41a9af_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-globalnet-rhel8@sha256:7fca711199f677e53818bc75001ba8f327d3f0f3e322c11c6a187a2cfb41a9af_s390x"
},
"product_reference": "rhacm2/submariner-globalnet-rhel8@sha256:7fca711199f677e53818bc75001ba8f327d3f0f3e322c11c6a187a2cfb41a9af_s390x",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel8@sha256:edbd6157d552db94cc6edba05f4a0341e5f98849d26225dbd301da4a103c67f2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-globalnet-rhel8@sha256:edbd6157d552db94cc6edba05f4a0341e5f98849d26225dbd301da4a103c67f2_ppc64le"
},
"product_reference": "rhacm2/submariner-globalnet-rhel8@sha256:edbd6157d552db94cc6edba05f4a0341e5f98849d26225dbd301da4a103c67f2_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:5d65182dd2cafc18c987f1ef9ed16b1ddffe1deef4070e821a6eeb33b1752b6e_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-networkplugin-syncer-rhel8@sha256:5d65182dd2cafc18c987f1ef9ed16b1ddffe1deef4070e821a6eeb33b1752b6e_arm64"
},
"product_reference": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:5d65182dd2cafc18c987f1ef9ed16b1ddffe1deef4070e821a6eeb33b1752b6e_arm64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:98e572c91453a607b140421d5711ff9c2f0ce1a0999243868280fcb667e7632c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-networkplugin-syncer-rhel8@sha256:98e572c91453a607b140421d5711ff9c2f0ce1a0999243868280fcb667e7632c_ppc64le"
},
"product_reference": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:98e572c91453a607b140421d5711ff9c2f0ce1a0999243868280fcb667e7632c_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:b9444ac6e5099190de999300a06a3f2f91f01c569a83ca7ff1cfbc40a2b72174_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-networkplugin-syncer-rhel8@sha256:b9444ac6e5099190de999300a06a3f2f91f01c569a83ca7ff1cfbc40a2b72174_s390x"
},
"product_reference": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:b9444ac6e5099190de999300a06a3f2f91f01c569a83ca7ff1cfbc40a2b72174_s390x",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:f8f3399de2bf019925cc85b89cc85f15049a7b135af97bdcff94aeaac5fe5762_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-networkplugin-syncer-rhel8@sha256:f8f3399de2bf019925cc85b89cc85f15049a7b135af97bdcff94aeaac5fe5762_amd64"
},
"product_reference": "rhacm2/submariner-networkplugin-syncer-rhel8@sha256:f8f3399de2bf019925cc85b89cc85f15049a7b135af97bdcff94aeaac5fe5762_amd64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:5fd5a4910c4997a182ccb786fd22cf213bd651d0e14eb1645a150045bc47a779_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-operator-bundle@sha256:5fd5a4910c4997a182ccb786fd22cf213bd651d0e14eb1645a150045bc47a779_ppc64le"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:5fd5a4910c4997a182ccb786fd22cf213bd651d0e14eb1645a150045bc47a779_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:69f061caec1403b1e4f002207a0b8acdc41ada2f9c7f46767648d05672d8c8ca_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-operator-bundle@sha256:69f061caec1403b1e4f002207a0b8acdc41ada2f9c7f46767648d05672d8c8ca_amd64"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:69f061caec1403b1e4f002207a0b8acdc41ada2f9c7f46767648d05672d8c8ca_amd64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:87b55b71c541c1edbe454185d728490eb39529d2b83f8e6c8443d334f9f81f3b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-operator-bundle@sha256:87b55b71c541c1edbe454185d728490eb39529d2b83f8e6c8443d334f9f81f3b_s390x"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:87b55b71c541c1edbe454185d728490eb39529d2b83f8e6c8443d334f9f81f3b_s390x",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:9f145c2eabacbcfa25a172a6de2516ad4a9e513c3d67b205e9a7e7069e8e4d4a_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-operator-bundle@sha256:9f145c2eabacbcfa25a172a6de2516ad4a9e513c3d67b205e9a7e7069e8e4d4a_arm64"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:9f145c2eabacbcfa25a172a6de2516ad4a9e513c3d67b205e9a7e7069e8e4d4a_arm64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel8-operator@sha256:3e054a396afcd57fd953856553f1c9d8f17b68ea9314a7307a9ead51dcb1f5c5_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-rhel8-operator@sha256:3e054a396afcd57fd953856553f1c9d8f17b68ea9314a7307a9ead51dcb1f5c5_amd64"
},
"product_reference": "rhacm2/submariner-rhel8-operator@sha256:3e054a396afcd57fd953856553f1c9d8f17b68ea9314a7307a9ead51dcb1f5c5_amd64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel8-operator@sha256:727ac19ec8bbeed1a13b2ee09fe075a305c3fc3f568cfe40b499321a94061e50_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-rhel8-operator@sha256:727ac19ec8bbeed1a13b2ee09fe075a305c3fc3f568cfe40b499321a94061e50_ppc64le"
},
"product_reference": "rhacm2/submariner-rhel8-operator@sha256:727ac19ec8bbeed1a13b2ee09fe075a305c3fc3f568cfe40b499321a94061e50_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel8-operator@sha256:c0e26f8db9a5c0691185f80e6dcdd86d6a57c61e4066fdfd10eb8e31bed1469e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-rhel8-operator@sha256:c0e26f8db9a5c0691185f80e6dcdd86d6a57c61e4066fdfd10eb8e31bed1469e_s390x"
},
"product_reference": "rhacm2/submariner-rhel8-operator@sha256:c0e26f8db9a5c0691185f80e6dcdd86d6a57c61e4066fdfd10eb8e31bed1469e_s390x",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel8-operator@sha256:c643fc44d3af4c3fd8671af2378bef068796fe98669b71579e50c154f2337b92_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-rhel8-operator@sha256:c643fc44d3af4c3fd8671af2378bef068796fe98669b71579e50c154f2337b92_arm64"
},
"product_reference": "rhacm2/submariner-rhel8-operator@sha256:c643fc44d3af4c3fd8671af2378bef068796fe98669b71579e50c154f2337b92_arm64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel8@sha256:4818471887484d8bb5ec2801c7fc98ef3cc52139c68f1f95a72ff9b54c124e3c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-route-agent-rhel8@sha256:4818471887484d8bb5ec2801c7fc98ef3cc52139c68f1f95a72ff9b54c124e3c_amd64"
},
"product_reference": "rhacm2/submariner-route-agent-rhel8@sha256:4818471887484d8bb5ec2801c7fc98ef3cc52139c68f1f95a72ff9b54c124e3c_amd64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel8@sha256:5a3456edbe7796c9570bb01c6e720f4c32ba6e0a5051d0282f5b0db67fd8ea2c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-route-agent-rhel8@sha256:5a3456edbe7796c9570bb01c6e720f4c32ba6e0a5051d0282f5b0db67fd8ea2c_arm64"
},
"product_reference": "rhacm2/submariner-route-agent-rhel8@sha256:5a3456edbe7796c9570bb01c6e720f4c32ba6e0a5051d0282f5b0db67fd8ea2c_arm64",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel8@sha256:cdb405309b67640fe75ec802c5f3793b55217044f527c611b5155d6799b2e666_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-route-agent-rhel8@sha256:cdb405309b67640fe75ec802c5f3793b55217044f527c611b5155d6799b2e666_ppc64le"
},
"product_reference": "rhacm2/submariner-route-agent-rhel8@sha256:cdb405309b67640fe75ec802c5f3793b55217044f527c611b5155d6799b2e666_ppc64le",
"relates_to_product_reference": "8Base-RHACM-2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel8@sha256:efa917cc9518c1c15ae18d290b5bd4442afcacfcd7017c4e3470c3ce87ec6da5_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8",
"product_id": "8Base-RHACM-2.7:rhacm2/submariner-route-agent-rhel8@sha256:efa917cc9518c1c15ae18d290b5bd4442afcacfcd7017c4e3470c3ce87ec6da5_s390x"
},
"product_reference": "rhacm2/submariner-route-agent-rhel8@sha256:efa917cc9518c1c15ae18d290b5bd4442afcacfcd7017c4e3470c3ce87ec6da5_s390x",
"relates_to_product_reference": "8Base-RHACM-2.7"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Daniel Abeles"
],
"organization": "Head of Research, Oxeye"
},
{
"names": [
"Gal Goldstein"
],
"organization": "Security Researcher, Oxeye"
}
],
"cve": "CVE-2022-2880",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACM-2.7:rhacm2/lighthouse-agent-rhel8@sha256:135a7d6329ff7accf471f81b7cc235454a8de632d82eff7472769908dee4ea62_ppc64le",
"8Base-RHACM-2.7:rhacm2/lighthouse-agent-rhel8@sha256:3889ac37818edf1a73a78b21117f21e03e6c5d04afce4e087df0915d29f7ae0b_arm64",
"8Base-RHACM-2.7:rhacm2/lighthouse-agent-rhel8@sha256:61504950ebe4601f60431611d6edcb825cf07781490dec3cf8dedf77c8bb3bc5_s390x",
"8Base-RHACM-2.7:rhacm2/lighthouse-agent-rhel8@sha256:9b75b42c8b9cfb029e76b806e8eb9dc3178a76e358abf7a5ea56b50503f9b6e6_amd64",
"8Base-RHACM-2.7:rhacm2/lighthouse-coredns-rhel8@sha256:323319be40279b7c001bda0a7eae67b5662c1e7c9a9621a9ce9ec66b32ee4bbc_amd64",
"8Base-RHACM-2.7:rhacm2/lighthouse-coredns-rhel8@sha256:dbe8522519a073ed4620886586b4d0b467f1383d35b42ee779b60fc4733abe53_s390x",
"8Base-RHACM-2.7:rhacm2/lighthouse-coredns-rhel8@sha256:e66ef48970b4a4755c1677687508036927717fff47d24864cee09eb169930755_ppc64le",
"8Base-RHACM-2.7:rhacm2/lighthouse-coredns-rhel8@sha256:ed7b1d9eaa0fb5395b579214fcbb8c6c9f47147711affed6c40a9ea76e3ec5cc_arm64",
"8Base-RHACM-2.7:rhacm2/nettest-rhel8@sha256:21280d682e06e920a6620e823ff873dd7f26bcdf1f5e6afeaea33bd17fc90b32_arm64",
"8Base-RHACM-2.7:rhacm2/nettest-rhel8@sha256:80ecc8810042471f15091d785dc7c34cdb0afa7c845784c0a40a82244c51f132_ppc64le",
"8Base-RHACM-2.7:rhacm2/nettest-rhel8@sha256:f2eb14197331ee3fc6a022f17f22ca5b8ee54f76783ffa9e581a0eca5377122e_amd64",
"8Base-RHACM-2.7:rhacm2/nettest-rhel8@sha256:fbfda748f9522137e99a91b4961ad2fb4e582256f1f25fb5f16d498f67dc99d8_s390x",
"8Base-RHACM-2.7:rhacm2/submariner-gateway-rhel8@sha256:4feb9fd7fa4da86d7eefbc8b1704cda6f9c9920c1b2903aca7b136532c56c3b9_amd64",
"8Base-RHACM-2.7:rhacm2/submariner-gateway-rhel8@sha256:62cd51e00ca635ea41ae24b522c67b90299ce5914d72b4e89343f8eb3a8248d6_ppc64le",
"8Base-RHACM-2.7:rhacm2/submariner-gateway-rhel8@sha256:e9157a51b02b5ba0e44f1e25bf96c7ea950ba6576935ea6be0a3b14781bc0a37_arm64",
"8Base-RHACM-2.7:rhacm2/submariner-gateway-rhel8@sha256:f937e339d6e3639faefecb07a91e065fd8417ddd7d094c325463719e007f56db_s390x",
"8Base-RHACM-2.7:rhacm2/submariner-globalnet-rhel8@sha256:5924cc9a8092d6282afca8f4cdcbfd8c8fb7c5cafd86a69537b2fd619824f184_arm64",
"8Base-RHACM-2.7:rhacm2/submariner-globalnet-rhel8@sha256:67b56f6fbcb14caae9f1b20513d322deeed666a872ef02b5a73a5cf088183795_amd64",
"8Base-RHACM-2.7:rhacm2/submariner-globalnet-rhel8@sha256:7fca711199f677e53818bc75001ba8f327d3f0f3e322c11c6a187a2cfb41a9af_s390x",
"8Base-RHACM-2.7:rhacm2/submariner-globalnet-rhel8@sha256:edbd6157d552db94cc6edba05f4a0341e5f98849d26225dbd301da4a103c67f2_ppc64le",
"8Base-RHACM-2.7:rhacm2/submariner-networkplugin-syncer-rhel8@sha256:5d65182dd2cafc18c987f1ef9ed16b1ddffe1deef4070e821a6eeb33b1752b6e_arm64",
"8Base-RHACM-2.7:rhacm2/submariner-networkplugin-syncer-rhel8@sha256:98e572c91453a607b140421d5711ff9c2f0ce1a0999243868280fcb667e7632c_ppc64le",
"8Base-RHACM-2.7:rhacm2/submariner-networkplugin-syncer-rhel8@sha256:b9444ac6e5099190de999300a06a3f2f91f01c569a83ca7ff1cfbc40a2b72174_s390x",
"8Base-RHACM-2.7:rhacm2/submariner-networkplugin-syncer-rhel8@sha256:f8f3399de2bf019925cc85b89cc85f15049a7b135af97bdcff94aeaac5fe5762_amd64",
"8Base-RHACM-2.7:rhacm2/submariner-operator-bundle@sha256:5fd5a4910c4997a182ccb786fd22cf213bd651d0e14eb1645a150045bc47a779_ppc64le",
"8Base-RHACM-2.7:rhacm2/submariner-operator-bundle@sha256:69f061caec1403b1e4f002207a0b8acdc41ada2f9c7f46767648d05672d8c8ca_amd64",
"8Base-RHACM-2.7:rhacm2/submariner-operator-bundle@sha256:87b55b71c541c1edbe454185d728490eb39529d2b83f8e6c8443d334f9f81f3b_s390x",
"8Base-RHACM-2.7:rhacm2/submariner-operator-bundle@sha256:9f145c2eabacbcfa25a172a6de2516ad4a9e513c3d67b205e9a7e7069e8e4d4a_arm64",
"8Base-RHACM-2.7:rhacm2/submariner-rhel8-operator@sha256:3e054a396afcd57fd953856553f1c9d8f17b68ea9314a7307a9ead51dcb1f5c5_amd64",
"8Base-RHACM-2.7:rhacm2/submariner-rhel8-operator@sha256:727ac19ec8bbeed1a13b2ee09fe075a305c3fc3f568cfe40b499321a94061e50_ppc64le",
"8Base-RHACM-2.7:rhacm2/submariner-rhel8-operator@sha256:c0e26f8db9a5c0691185f80e6dcdd86d6a57c61e4066fdfd10eb8e31bed1469e_s390x",
"8Base-RHACM-2.7:rhacm2/submariner-rhel8-operator@sha256:c643fc44d3af4c3fd8671af2378bef068796fe98669b71579e50c154f2337b92_arm64",
"8Base-RHACM-2.7:rhacm2/submariner-route-agent-rhel8@sha256:4818471887484d8bb5ec2801c7fc98ef3cc52139c68f1f95a72ff9b54c124e3c_amd64",
"8Base-RHACM-2.7:rhacm2/submariner-route-agent-rhel8@sha256:5a3456edbe7796c9570bb01c6e720f4c32ba6e0a5051d0282f5b0db67fd8ea2c_arm64",
"8Base-RHACM-2.7:rhacm2/submariner-route-agent-rhel8@sha256:cdb405309b67640fe75ec802c5f3793b55217044f527c611b5155d6799b2e666_ppc64le",
"8Base-RHACM-2.7:rhacm2/submariner-route-agent-rhel8@sha256:efa917cc9518c1c15ae18d290b5bd4442afcacfcd7017c4e3470c3ce87ec6da5_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132868"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy\u0027s director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le"
],
"known_not_affected": [
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2880"
},
{
"category": "external",
"summary": "RHBZ#2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54663",
"url": "https://github.com/golang/go/issues/54663"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-07T17:23:40+00:00",
"details": "For details on how to install Submariner, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/add-ons/submariner#deploying-submariner-console \n\nand\n\nhttps://submariner.io/getting-started/",
"product_ids": [
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0631"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters"
},
{
"cve": "CVE-2022-27664",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124669"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: handle server errors after sending GOAWAY",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le"
],
"known_not_affected": [
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "RHBZ#2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664"
},
{
"category": "external",
"summary": "https://go.dev/issue/54658",
"url": "https://go.dev/issue/54658"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-07T17:23:40+00:00",
"details": "For details on how to install Submariner, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/add-ons/submariner#deploying-submariner-console \n\nand\n\nhttps://submariner.io/getting-started/",
"product_ids": [
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0631"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: handle server errors after sending GOAWAY"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-41715",
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: regexp/syntax: limit memory used by parsing regexps",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le"
],
"known_not_affected": [
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "RHBZ#2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/55949",
"url": "https://github.com/golang/go/issues/55949"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-07T17:23:40+00:00",
"details": "For details on how to install Submariner, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/add-ons/submariner#deploying-submariner-console \n\nand\n\nhttps://submariner.io/getting-started/",
"product_ids": [
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0631"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: regexp/syntax: limit memory used by parsing regexps"
},
{
"cve": "CVE-2022-41717",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-01-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2161274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le"
],
"known_not_affected": [
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "RHBZ#2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717"
},
{
"category": "external",
"summary": "https://go.dev/cl/455635",
"url": "https://go.dev/cl/455635"
},
{
"category": "external",
"summary": "https://go.dev/cl/455717",
"url": "https://go.dev/cl/455717"
},
{
"category": "external",
"summary": "https://go.dev/issue/56350",
"url": "https://go.dev/issue/56350"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2022-1144",
"url": "https://pkg.go.dev/vuln/GO-2022-1144"
}
],
"release_date": "2022-11-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-07T17:23:40+00:00",
"details": "For details on how to install Submariner, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/add-ons/submariner#deploying-submariner-console \n\nand\n\nhttps://submariner.io/getting-started/",
"product_ids": [
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:1dfa9cbde516c58a7889fa6765a2dedeeb1f5ca4a8bbae6073e0c5f030bb973d_arm64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:434c03429e8e8dc873f6f33c0091e8ae549945a7c9804c501cdd4e037fddda1d_s390x",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:690f87d67e3a9c63a4a95bf118bcea774d43437c7e68441ea3cfbcd40194c78d_amd64",
"8Base-RHACM-2.7:rhacm2/subctl-rhel8@sha256:985b34c33af8f50a10f3f6f0056b2ff6baad2f5e152df45382d3f23048e901c7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0631"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests"
}
]
}
RHSA-2023:0632
Vulnerability from csaf_redhat - Published: 2023-02-15 11:08 - Updated: 2026-04-30 13:12
A flaw was found in ruby gem-rack. This flaw allows a malicious actor to craft requests that can cause shell escape sequences to be written to the terminal via rack's `Lint` middleware and `CommonLogger` middleware. This issue can leverage these escape sequences to execute commands in the victim's terminal.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:3a02e2eb672689fc012b4276291c86aba80677edf88c6e1625e4679d994dc58d_ppc64le | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:5f8e825cb25b65b9b2060fa51d9a611eb4284d62942e119c7172903848bc6915_s390x | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:973980c7d40d620669fbc0886c53e7788578916b2799e03a3a7be9c411baefe1_amd64 | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:a4ac93c66ec44e8af3f1b2e7622b00f2c439b02defaa109fa52b1199af5d7036_arm64 | — | | Vendor Fix |
A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:0461e5c960e044fe9eb89532d90af2c68c2577ab7599ff700077ba383a2c4b79_s390x | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:135fd57e3246485140a76d44db6a0337b51c7739af3a115002f898b54b2d56c8_arm64 | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:3afe1b2a3544970780e33d4df9e567e32150f19896be05caf5750eac77d646bd_amd64 | — | | Vendor Fix |
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a188ec66929c398ade76abf680a9a7258e583f17b0ebb1580c8bbe4791f73012_ppc64le | — | | Vendor Fix |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for the Logging subsystem for Red Hat OpenShift 5.4.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Logging Subsystem 5.4.11 - Red Hat OpenShift\n\nSecurity Fix(es):\n\n* rubygem-rack: crafted requests can cause shell escape sequences (CVE-2022-30123)\n\n* golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0632",
"url": "https://access.redhat.com/errata/RHSA-2023:0632"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2099524",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099524"
},
{
"category": "external",
"summary": "2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0632.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift (Logging Subsystem) security update",
"tracking": {
"current_release_date": "2026-04-30T13:12:16+00:00",
"generator": {
"date": "2026-04-30T13:12:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2023:0632",
"initial_release_date": "2023-02-15T11:08:43+00:00",
"revision_history": [
{
"date": "2023-02-15T11:08:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-02-15T11:08:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T13:12:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.4 for RHEL 8",
"product": {
"name": "RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.4::el8"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:b7d74ad5055cde7320b9584fab00b35790034b5946ab5e5b3bb91b9dd53ba5ac_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:b7d74ad5055cde7320b9584fab00b35790034b5946ab5e5b3bb91b9dd53ba5ac_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:b7d74ad5055cde7320b9584fab00b35790034b5946ab5e5b3bb91b9dd53ba5ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:b7d74ad5055cde7320b9584fab00b35790034b5946ab5e5b3bb91b9dd53ba5ac?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.4.11-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:7ab5b5fc788cce18883243acbb5969bced246104636b250484c19c76dd4b93a6_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:7ab5b5fc788cce18883243acbb5969bced246104636b250484c19c76dd4b93a6_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:7ab5b5fc788cce18883243acbb5969bced246104636b250484c19c76dd4b93a6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:7ab5b5fc788cce18883243acbb5969bced246104636b250484c19c76dd4b93a6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.4.11-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:91c00457ac77689695a0a419dffeaa27f58a09838d20ba8555536d9aee85606f_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:91c00457ac77689695a0a419dffeaa27f58a09838d20ba8555536d9aee85606f_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:91c00457ac77689695a0a419dffeaa27f58a09838d20ba8555536d9aee85606f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:91c00457ac77689695a0a419dffeaa27f58a09838d20ba8555536d9aee85606f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:aab07bddd4f7f54fa89726a3d06c5fb46aa9949771d937fb26d01c6231868c51_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:aab07bddd4f7f54fa89726a3d06c5fb46aa9949771d937fb26d01c6231868c51_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:aab07bddd4f7f54fa89726a3d06c5fb46aa9949771d937fb26d01c6231868c51_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:aab07bddd4f7f54fa89726a3d06c5fb46aa9949771d937fb26d01c6231868c51?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.4.11-18"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0ac7eb6b479a554be15ab61e47d6d7ded410c1ec952d8754fa54f6f3eb16c8c6_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0ac7eb6b479a554be15ab61e47d6d7ded410c1ec952d8754fa54f6f3eb16c8c6_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0ac7eb6b479a554be15ab61e47d6d7ded410c1ec952d8754fa54f6f3eb16c8c6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:0ac7eb6b479a554be15ab61e47d6d7ded410c1ec952d8754fa54f6f3eb16c8c6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-337"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:85e2db6e4785f510bd1a5ee0d032ff1cedaa8bace60a835795be1ca21783c6e6_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:85e2db6e4785f510bd1a5ee0d032ff1cedaa8bace60a835795be1ca21783c6e6_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:85e2db6e4785f510bd1a5ee0d032ff1cedaa8bace60a835795be1ca21783c6e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:85e2db6e4785f510bd1a5ee0d032ff1cedaa8bace60a835795be1ca21783c6e6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-95"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:85323d829ca949a9cd3d86b220caaeee3b59e518ec84d50d9eb29e5dbe0a67d6_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:85323d829ca949a9cd3d86b220caaeee3b59e518ec84d50d9eb29e5dbe0a67d6_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:85323d829ca949a9cd3d86b220caaeee3b59e518ec84d50d9eb29e5dbe0a67d6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:85323d829ca949a9cd3d86b220caaeee3b59e518ec84d50d9eb29e5dbe0a67d6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-282"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c7ba034800b2815df849b292f40bb32bd2e6bb5ba4c00a06dfce8bce521facc6_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c7ba034800b2815df849b292f40bb32bd2e6bb5ba4c00a06dfce8bce521facc6_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:c7ba034800b2815df849b292f40bb32bd2e6bb5ba4c00a06dfce8bce521facc6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:c7ba034800b2815df849b292f40bb32bd2e6bb5ba4c00a06dfce8bce521facc6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-291"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:ecdcab4b6b5192f87209973f9634937b05d3916e5a21fb3be4c75cf40cacaf74_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:ecdcab4b6b5192f87209973f9634937b05d3916e5a21fb3be4c75cf40cacaf74_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:ecdcab4b6b5192f87209973f9634937b05d3916e5a21fb3be4c75cf40cacaf74_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:ecdcab4b6b5192f87209973f9634937b05d3916e5a21fb3be4c75cf40cacaf74?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-76"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:973980c7d40d620669fbc0886c53e7788578916b2799e03a3a7be9c411baefe1_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:973980c7d40d620669fbc0886c53e7788578916b2799e03a3a7be9c411baefe1_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:973980c7d40d620669fbc0886c53e7788578916b2799e03a3a7be9c411baefe1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:973980c7d40d620669fbc0886c53e7788578916b2799e03a3a7be9c411baefe1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.5-51"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:5b5205024db71e94e77c0c284af593765685093cfa3e7cdbed1fb1ab1e239270_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:5b5205024db71e94e77c0c284af593765685093cfa3e7cdbed1fb1ab1e239270_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:5b5205024db71e94e77c0c284af593765685093cfa3e7cdbed1fb1ab1e239270_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:5b5205024db71e94e77c0c284af593765685093cfa3e7cdbed1fb1ab1e239270?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-328"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:da1a28456a58676270ec74f690c25e0d395304ba0c30f3c0e4ab08f32b6770a9_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:da1a28456a58676270ec74f690c25e0d395304ba0c30f3c0e4ab08f32b6770a9_amd64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:da1a28456a58676270ec74f690c25e0d395304ba0c30f3c0e4ab08f32b6770a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:da1a28456a58676270ec74f690c25e0d395304ba0c30f3c0e4ab08f32b6770a9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.5.0-61"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:09adf52069dbbf3fc7192e20eca1bdb0e6bc405836b4be47412fc568cf9f8319_amd64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:09adf52069dbbf3fc7192e20eca1bdb0e6bc405836b4be47412fc568cf9f8319_amd64",
"product_id": "openshift-logging/vector-rhel8@sha256:09adf52069dbbf3fc7192e20eca1bdb0e6bc405836b4be47412fc568cf9f8319_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:09adf52069dbbf3fc7192e20eca1bdb0e6bc405836b4be47412fc568cf9f8319?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.14-74"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:36b7aca216180137eb518c35bba4e94d0260cbdbca6e26cfb4932d73d13f3401_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:36b7aca216180137eb518c35bba4e94d0260cbdbca6e26cfb4932d73d13f3401_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:36b7aca216180137eb518c35bba4e94d0260cbdbca6e26cfb4932d73d13f3401_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:36b7aca216180137eb518c35bba4e94d0260cbdbca6e26cfb4932d73d13f3401?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.4.11-26"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:421f77e65c0d8130c762883c25c5d00879e57266278100424d2693eb3946c1f0_amd64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:421f77e65c0d8130c762883c25c5d00879e57266278100424d2693eb3946c1f0_amd64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:421f77e65c0d8130c762883c25c5d00879e57266278100424d2693eb3946c1f0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:421f77e65c0d8130c762883c25c5d00879e57266278100424d2693eb3946c1f0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:3afe1b2a3544970780e33d4df9e567e32150f19896be05caf5750eac77d646bd_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:3afe1b2a3544970780e33d4df9e567e32150f19896be05caf5750eac77d646bd_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:3afe1b2a3544970780e33d4df9e567e32150f19896be05caf5750eac77d646bd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:3afe1b2a3544970780e33d4df9e567e32150f19896be05caf5750eac77d646bd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v5.4.11-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:f68add80fc64f6957f087b025942005f3de5db2f832199a543da969ac4955903_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:f68add80fc64f6957f087b025942005f3de5db2f832199a543da969ac4955903_amd64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:f68add80fc64f6957f087b025942005f3de5db2f832199a543da969ac4955903_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:f68add80fc64f6957f087b025942005f3de5db2f832199a543da969ac4955903?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v5.4.11-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6852056797fb71905807c327c6eb360ba8c21eaca7d6a56db3fdd40fb1ca8c91_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6852056797fb71905807c327c6eb360ba8c21eaca7d6a56db3fdd40fb1ca8c91_arm64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:6852056797fb71905807c327c6eb360ba8c21eaca7d6a56db3fdd40fb1ca8c91_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:6852056797fb71905807c327c6eb360ba8c21eaca7d6a56db3fdd40fb1ca8c91?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.4.11-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:e2feda4d38877bf97f51e6f4d41c03752cabb24e483e508192696c1c6d073370_arm64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:e2feda4d38877bf97f51e6f4d41c03752cabb24e483e508192696c1c6d073370_arm64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:e2feda4d38877bf97f51e6f4d41c03752cabb24e483e508192696c1c6d073370_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:e2feda4d38877bf97f51e6f4d41c03752cabb24e483e508192696c1c6d073370?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:119afbf853025bba3ed3a06e1ef5dbcc85520053110a9a32f0d19a7792d5ff90_arm64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:119afbf853025bba3ed3a06e1ef5dbcc85520053110a9a32f0d19a7792d5ff90_arm64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:119afbf853025bba3ed3a06e1ef5dbcc85520053110a9a32f0d19a7792d5ff90_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:119afbf853025bba3ed3a06e1ef5dbcc85520053110a9a32f0d19a7792d5ff90?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-337"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2fc648617368a8be448ac85fed88c0701fe49975aea66d647739f91e44731065_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2fc648617368a8be448ac85fed88c0701fe49975aea66d647739f91e44731065_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2fc648617368a8be448ac85fed88c0701fe49975aea66d647739f91e44731065_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:2fc648617368a8be448ac85fed88c0701fe49975aea66d647739f91e44731065?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-95"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:b864f913045f32c221b30e9739f0609cc2700474535060bb503429ddf360d59d_arm64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:b864f913045f32c221b30e9739f0609cc2700474535060bb503429ddf360d59d_arm64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:b864f913045f32c221b30e9739f0609cc2700474535060bb503429ddf360d59d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:b864f913045f32c221b30e9739f0609cc2700474535060bb503429ddf360d59d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-282"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:90882305ff4c797b77fc0017697f408385138e9f436f18ad3f9ede84e3ce8917_arm64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:90882305ff4c797b77fc0017697f408385138e9f436f18ad3f9ede84e3ce8917_arm64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:90882305ff4c797b77fc0017697f408385138e9f436f18ad3f9ede84e3ce8917_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:90882305ff4c797b77fc0017697f408385138e9f436f18ad3f9ede84e3ce8917?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-291"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:288436122a88e3774ed1f67340701552853622ff3d7e93df79064aafc93793a5_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:288436122a88e3774ed1f67340701552853622ff3d7e93df79064aafc93793a5_arm64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:288436122a88e3774ed1f67340701552853622ff3d7e93df79064aafc93793a5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:288436122a88e3774ed1f67340701552853622ff3d7e93df79064aafc93793a5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-76"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:a4ac93c66ec44e8af3f1b2e7622b00f2c439b02defaa109fa52b1199af5d7036_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:a4ac93c66ec44e8af3f1b2e7622b00f2c439b02defaa109fa52b1199af5d7036_arm64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:a4ac93c66ec44e8af3f1b2e7622b00f2c439b02defaa109fa52b1199af5d7036_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:a4ac93c66ec44e8af3f1b2e7622b00f2c439b02defaa109fa52b1199af5d7036?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.5-51"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:6c20722e93575354d264f7df0a7ad176ee0176966ec1da1be2bb8c5157c81364_arm64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:6c20722e93575354d264f7df0a7ad176ee0176966ec1da1be2bb8c5157c81364_arm64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:6c20722e93575354d264f7df0a7ad176ee0176966ec1da1be2bb8c5157c81364_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:6c20722e93575354d264f7df0a7ad176ee0176966ec1da1be2bb8c5157c81364?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-328"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:3101b26acd72020ffe02b8f11fc2452f266159f1e7125118edda108a9503c29a_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:3101b26acd72020ffe02b8f11fc2452f266159f1e7125118edda108a9503c29a_arm64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:3101b26acd72020ffe02b8f11fc2452f266159f1e7125118edda108a9503c29a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:3101b26acd72020ffe02b8f11fc2452f266159f1e7125118edda108a9503c29a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.5.0-61"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:fe020a4c315486f3e90534cdce69d336a1ee08289e9c0773a9100a593c98bea1_arm64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:fe020a4c315486f3e90534cdce69d336a1ee08289e9c0773a9100a593c98bea1_arm64",
"product_id": "openshift-logging/vector-rhel8@sha256:fe020a4c315486f3e90534cdce69d336a1ee08289e9c0773a9100a593c98bea1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:fe020a4c315486f3e90534cdce69d336a1ee08289e9c0773a9100a593c98bea1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.14-74"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:68a49f41366b2ee519ccbc2dae949dc320622422b191c41a9792738f47bb0135_arm64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:68a49f41366b2ee519ccbc2dae949dc320622422b191c41a9792738f47bb0135_arm64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:68a49f41366b2ee519ccbc2dae949dc320622422b191c41a9792738f47bb0135_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:68a49f41366b2ee519ccbc2dae949dc320622422b191c41a9792738f47bb0135?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:135fd57e3246485140a76d44db6a0337b51c7739af3a115002f898b54b2d56c8_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:135fd57e3246485140a76d44db6a0337b51c7739af3a115002f898b54b2d56c8_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:135fd57e3246485140a76d44db6a0337b51c7739af3a115002f898b54b2d56c8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:135fd57e3246485140a76d44db6a0337b51c7739af3a115002f898b54b2d56c8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v5.4.11-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:77630523a3bd3d23af4d436dc0bd8d5758d24a86e99dbd0ef463a37bf6b87a56_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:77630523a3bd3d23af4d436dc0bd8d5758d24a86e99dbd0ef463a37bf6b87a56_arm64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:77630523a3bd3d23af4d436dc0bd8d5758d24a86e99dbd0ef463a37bf6b87a56_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:77630523a3bd3d23af4d436dc0bd8d5758d24a86e99dbd0ef463a37bf6b87a56?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v5.4.11-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:1b8bf87ec875fe41a66ea659a6b18c5e5659b316d45eea5ebdee33bae4ef81a1_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:1b8bf87ec875fe41a66ea659a6b18c5e5659b316d45eea5ebdee33bae4ef81a1_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:1b8bf87ec875fe41a66ea659a6b18c5e5659b316d45eea5ebdee33bae4ef81a1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:1b8bf87ec875fe41a66ea659a6b18c5e5659b316d45eea5ebdee33bae4ef81a1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.4.11-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7b3d237c663055b328ecd74bcce5187adc19bdbe37d2fdd6da568a2160ddfce_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7b3d237c663055b328ecd74bcce5187adc19bdbe37d2fdd6da568a2160ddfce_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7b3d237c663055b328ecd74bcce5187adc19bdbe37d2fdd6da568a2160ddfce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:f7b3d237c663055b328ecd74bcce5187adc19bdbe37d2fdd6da568a2160ddfce?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6383da98645b90f488612d7b9f97de1306e8b1377d42da2c55d3645c051769cd_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6383da98645b90f488612d7b9f97de1306e8b1377d42da2c55d3645c051769cd_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6383da98645b90f488612d7b9f97de1306e8b1377d42da2c55d3645c051769cd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:6383da98645b90f488612d7b9f97de1306e8b1377d42da2c55d3645c051769cd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-337"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:989592f347cbca72cd3ac0331b385265d30320656ba79ceece673edd6bc7872d_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:989592f347cbca72cd3ac0331b385265d30320656ba79ceece673edd6bc7872d_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:989592f347cbca72cd3ac0331b385265d30320656ba79ceece673edd6bc7872d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:989592f347cbca72cd3ac0331b385265d30320656ba79ceece673edd6bc7872d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-95"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:3efb8c753506ac2557bccc2d1500694e69bc43ac08ab41c3c4fdbc9f042e9135_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:3efb8c753506ac2557bccc2d1500694e69bc43ac08ab41c3c4fdbc9f042e9135_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:3efb8c753506ac2557bccc2d1500694e69bc43ac08ab41c3c4fdbc9f042e9135_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:3efb8c753506ac2557bccc2d1500694e69bc43ac08ab41c3c4fdbc9f042e9135?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-282"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:233e1632804aaf594c5c9765411e64d88e27186e9d7df136c9b2722496dbb891_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:233e1632804aaf594c5c9765411e64d88e27186e9d7df136c9b2722496dbb891_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:233e1632804aaf594c5c9765411e64d88e27186e9d7df136c9b2722496dbb891_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:233e1632804aaf594c5c9765411e64d88e27186e9d7df136c9b2722496dbb891?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-291"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:74d8ac8e86c7117dd879f8dafdb8124786ae0939075da0c6c77e590ec7c2803e_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:74d8ac8e86c7117dd879f8dafdb8124786ae0939075da0c6c77e590ec7c2803e_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:74d8ac8e86c7117dd879f8dafdb8124786ae0939075da0c6c77e590ec7c2803e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:74d8ac8e86c7117dd879f8dafdb8124786ae0939075da0c6c77e590ec7c2803e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-76"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:5f8e825cb25b65b9b2060fa51d9a611eb4284d62942e119c7172903848bc6915_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:5f8e825cb25b65b9b2060fa51d9a611eb4284d62942e119c7172903848bc6915_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:5f8e825cb25b65b9b2060fa51d9a611eb4284d62942e119c7172903848bc6915_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:5f8e825cb25b65b9b2060fa51d9a611eb4284d62942e119c7172903848bc6915?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.5-51"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:4843583ba145b008d4117bcf7f24f50d8c67bfa75df0e2b2ac33a76b0dbc79ed_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:4843583ba145b008d4117bcf7f24f50d8c67bfa75df0e2b2ac33a76b0dbc79ed_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:4843583ba145b008d4117bcf7f24f50d8c67bfa75df0e2b2ac33a76b0dbc79ed_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:4843583ba145b008d4117bcf7f24f50d8c67bfa75df0e2b2ac33a76b0dbc79ed?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-328"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:788bdc53fc2804979ef5de471175aaf572cdfd36a1ec0b1d0081073549e88f4b_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:788bdc53fc2804979ef5de471175aaf572cdfd36a1ec0b1d0081073549e88f4b_s390x",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:788bdc53fc2804979ef5de471175aaf572cdfd36a1ec0b1d0081073549e88f4b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:788bdc53fc2804979ef5de471175aaf572cdfd36a1ec0b1d0081073549e88f4b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.5.0-61"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:f98f732a7e82778aed2b0d0fb88a36d69e8cf2852d270d3e47e120b529a885d4_s390x",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:f98f732a7e82778aed2b0d0fb88a36d69e8cf2852d270d3e47e120b529a885d4_s390x",
"product_id": "openshift-logging/vector-rhel8@sha256:f98f732a7e82778aed2b0d0fb88a36d69e8cf2852d270d3e47e120b529a885d4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:f98f732a7e82778aed2b0d0fb88a36d69e8cf2852d270d3e47e120b529a885d4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.14-74"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:4ebc8fb1304dd719e276723cce2890776f57ebea7eb6764ba47f387165bec58e_s390x",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:4ebc8fb1304dd719e276723cce2890776f57ebea7eb6764ba47f387165bec58e_s390x",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:4ebc8fb1304dd719e276723cce2890776f57ebea7eb6764ba47f387165bec58e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:4ebc8fb1304dd719e276723cce2890776f57ebea7eb6764ba47f387165bec58e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:0461e5c960e044fe9eb89532d90af2c68c2577ab7599ff700077ba383a2c4b79_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:0461e5c960e044fe9eb89532d90af2c68c2577ab7599ff700077ba383a2c4b79_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:0461e5c960e044fe9eb89532d90af2c68c2577ab7599ff700077ba383a2c4b79_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:0461e5c960e044fe9eb89532d90af2c68c2577ab7599ff700077ba383a2c4b79?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v5.4.11-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:9d1b1a47273693b873d25304426489fb6cc499c9dad1940c5fc4f7293a412819_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:9d1b1a47273693b873d25304426489fb6cc499c9dad1940c5fc4f7293a412819_s390x",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:9d1b1a47273693b873d25304426489fb6cc499c9dad1940c5fc4f7293a412819_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:9d1b1a47273693b873d25304426489fb6cc499c9dad1940c5fc4f7293a412819?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v5.4.11-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:2e002a48fad466ef0ec91bc70090c34d16cc9a13192b43bff5a8d26bad016b1d_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:2e002a48fad466ef0ec91bc70090c34d16cc9a13192b43bff5a8d26bad016b1d_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:2e002a48fad466ef0ec91bc70090c34d16cc9a13192b43bff5a8d26bad016b1d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:2e002a48fad466ef0ec91bc70090c34d16cc9a13192b43bff5a8d26bad016b1d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.4.11-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:54366435c4fdc0ed60acd5be4b6332a902e04a4983bd11c56f43cb60154ad858_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:54366435c4fdc0ed60acd5be4b6332a902e04a4983bd11c56f43cb60154ad858_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:54366435c4fdc0ed60acd5be4b6332a902e04a4983bd11c56f43cb60154ad858_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:54366435c4fdc0ed60acd5be4b6332a902e04a4983bd11c56f43cb60154ad858?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:361bb98599f559be65a59735307227ff4f80ef4e3ce242b2d09c13b1b3cc1e97_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:361bb98599f559be65a59735307227ff4f80ef4e3ce242b2d09c13b1b3cc1e97_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:361bb98599f559be65a59735307227ff4f80ef4e3ce242b2d09c13b1b3cc1e97_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:361bb98599f559be65a59735307227ff4f80ef4e3ce242b2d09c13b1b3cc1e97?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-337"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c013416d49d9d4e3741cbff5bde90d9a21009f5c6a3f8d7f05216255e7f49417_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c013416d49d9d4e3741cbff5bde90d9a21009f5c6a3f8d7f05216255e7f49417_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c013416d49d9d4e3741cbff5bde90d9a21009f5c6a3f8d7f05216255e7f49417_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:c013416d49d9d4e3741cbff5bde90d9a21009f5c6a3f8d7f05216255e7f49417?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-95"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:2dee63a8dada3bf1d446b4528e09d83dd79c6d6bebfc10dc509582335e00dd65_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:2dee63a8dada3bf1d446b4528e09d83dd79c6d6bebfc10dc509582335e00dd65_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:2dee63a8dada3bf1d446b4528e09d83dd79c6d6bebfc10dc509582335e00dd65_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:2dee63a8dada3bf1d446b4528e09d83dd79c6d6bebfc10dc509582335e00dd65?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-282"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:6e3b8c4326a16d1996d63d3139fa8da07f836adb7380eebfd43c04afb5cc8160_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:6e3b8c4326a16d1996d63d3139fa8da07f836adb7380eebfd43c04afb5cc8160_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:6e3b8c4326a16d1996d63d3139fa8da07f836adb7380eebfd43c04afb5cc8160_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:6e3b8c4326a16d1996d63d3139fa8da07f836adb7380eebfd43c04afb5cc8160?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-291"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:de6ee66aac30df18e4fb9d34f316d1220af07bfc64d730eba8381a87f59630e7_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:de6ee66aac30df18e4fb9d34f316d1220af07bfc64d730eba8381a87f59630e7_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:de6ee66aac30df18e4fb9d34f316d1220af07bfc64d730eba8381a87f59630e7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:de6ee66aac30df18e4fb9d34f316d1220af07bfc64d730eba8381a87f59630e7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-76"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:3a02e2eb672689fc012b4276291c86aba80677edf88c6e1625e4679d994dc58d_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:3a02e2eb672689fc012b4276291c86aba80677edf88c6e1625e4679d994dc58d_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:3a02e2eb672689fc012b4276291c86aba80677edf88c6e1625e4679d994dc58d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:3a02e2eb672689fc012b4276291c86aba80677edf88c6e1625e4679d994dc58d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.5-51"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:681183bd8845927e77c735a8baa89915e33895f24a2411b683a440ac2d8de077_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:681183bd8845927e77c735a8baa89915e33895f24a2411b683a440ac2d8de077_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:681183bd8845927e77c735a8baa89915e33895f24a2411b683a440ac2d8de077_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:681183bd8845927e77c735a8baa89915e33895f24a2411b683a440ac2d8de077?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-328"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:06ec44e3c6b906b6402327e7294515396f0c810741c3ba1e18f0c6b29f0853ce_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:06ec44e3c6b906b6402327e7294515396f0c810741c3ba1e18f0c6b29f0853ce_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:06ec44e3c6b906b6402327e7294515396f0c810741c3ba1e18f0c6b29f0853ce_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:06ec44e3c6b906b6402327e7294515396f0c810741c3ba1e18f0c6b29f0853ce?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.5.0-61"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:c6d67b08190ee8f191a69ba12dc17a5be10c146f33b98ae0d1ba72b6c7f4d5eb_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:c6d67b08190ee8f191a69ba12dc17a5be10c146f33b98ae0d1ba72b6c7f4d5eb_ppc64le",
"product_id": "openshift-logging/vector-rhel8@sha256:c6d67b08190ee8f191a69ba12dc17a5be10c146f33b98ae0d1ba72b6c7f4d5eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:c6d67b08190ee8f191a69ba12dc17a5be10c146f33b98ae0d1ba72b6c7f4d5eb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.14-74"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:4a10b28997798c6da95190e2caca50b138f7508e52237e605c498858749b4c69_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:4a10b28997798c6da95190e2caca50b138f7508e52237e605c498858749b4c69_ppc64le",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:4a10b28997798c6da95190e2caca50b138f7508e52237e605c498858749b4c69_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:4a10b28997798c6da95190e2caca50b138f7508e52237e605c498858749b4c69?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:a188ec66929c398ade76abf680a9a7258e583f17b0ebb1580c8bbe4791f73012_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:a188ec66929c398ade76abf680a9a7258e583f17b0ebb1580c8bbe4791f73012_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:a188ec66929c398ade76abf680a9a7258e583f17b0ebb1580c8bbe4791f73012_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:a188ec66929c398ade76abf680a9a7258e583f17b0ebb1580c8bbe4791f73012?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v5.4.11-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:4ddc204cb788f6f9329e7dc56e3e7c7746c30a7c5a12bdfd3cb806362927d80a_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:4ddc204cb788f6f9329e7dc56e3e7c7746c30a7c5a12bdfd3cb806362927d80a_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:4ddc204cb788f6f9329e7dc56e3e7c7746c30a7c5a12bdfd3cb806362927d80a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:4ddc204cb788f6f9329e7dc56e3e7c7746c30a7c5a12bdfd3cb806362927d80a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v5.4.11-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:7ab5b5fc788cce18883243acbb5969bced246104636b250484c19c76dd4b93a6_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:7ab5b5fc788cce18883243acbb5969bced246104636b250484c19c76dd4b93a6_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:7ab5b5fc788cce18883243acbb5969bced246104636b250484c19c76dd4b93a6_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:1b8bf87ec875fe41a66ea659a6b18c5e5659b316d45eea5ebdee33bae4ef81a1_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:1b8bf87ec875fe41a66ea659a6b18c5e5659b316d45eea5ebdee33bae4ef81a1_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:1b8bf87ec875fe41a66ea659a6b18c5e5659b316d45eea5ebdee33bae4ef81a1_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:2e002a48fad466ef0ec91bc70090c34d16cc9a13192b43bff5a8d26bad016b1d_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:2e002a48fad466ef0ec91bc70090c34d16cc9a13192b43bff5a8d26bad016b1d_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:2e002a48fad466ef0ec91bc70090c34d16cc9a13192b43bff5a8d26bad016b1d_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6852056797fb71905807c327c6eb360ba8c21eaca7d6a56db3fdd40fb1ca8c91_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:6852056797fb71905807c327c6eb360ba8c21eaca7d6a56db3fdd40fb1ca8c91_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:6852056797fb71905807c327c6eb360ba8c21eaca7d6a56db3fdd40fb1ca8c91_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:b7d74ad5055cde7320b9584fab00b35790034b5946ab5e5b3bb91b9dd53ba5ac_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:b7d74ad5055cde7320b9584fab00b35790034b5946ab5e5b3bb91b9dd53ba5ac_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:b7d74ad5055cde7320b9584fab00b35790034b5946ab5e5b3bb91b9dd53ba5ac_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:aab07bddd4f7f54fa89726a3d06c5fb46aa9949771d937fb26d01c6231868c51_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:aab07bddd4f7f54fa89726a3d06c5fb46aa9949771d937fb26d01c6231868c51_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:aab07bddd4f7f54fa89726a3d06c5fb46aa9949771d937fb26d01c6231868c51_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0ac7eb6b479a554be15ab61e47d6d7ded410c1ec952d8754fa54f6f3eb16c8c6_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:0ac7eb6b479a554be15ab61e47d6d7ded410c1ec952d8754fa54f6f3eb16c8c6_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0ac7eb6b479a554be15ab61e47d6d7ded410c1ec952d8754fa54f6f3eb16c8c6_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:119afbf853025bba3ed3a06e1ef5dbcc85520053110a9a32f0d19a7792d5ff90_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:119afbf853025bba3ed3a06e1ef5dbcc85520053110a9a32f0d19a7792d5ff90_arm64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:119afbf853025bba3ed3a06e1ef5dbcc85520053110a9a32f0d19a7792d5ff90_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:361bb98599f559be65a59735307227ff4f80ef4e3ce242b2d09c13b1b3cc1e97_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:361bb98599f559be65a59735307227ff4f80ef4e3ce242b2d09c13b1b3cc1e97_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:361bb98599f559be65a59735307227ff4f80ef4e3ce242b2d09c13b1b3cc1e97_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6383da98645b90f488612d7b9f97de1306e8b1377d42da2c55d3645c051769cd_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:6383da98645b90f488612d7b9f97de1306e8b1377d42da2c55d3645c051769cd_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6383da98645b90f488612d7b9f97de1306e8b1377d42da2c55d3645c051769cd_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:54366435c4fdc0ed60acd5be4b6332a902e04a4983bd11c56f43cb60154ad858_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:54366435c4fdc0ed60acd5be4b6332a902e04a4983bd11c56f43cb60154ad858_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:54366435c4fdc0ed60acd5be4b6332a902e04a4983bd11c56f43cb60154ad858_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:91c00457ac77689695a0a419dffeaa27f58a09838d20ba8555536d9aee85606f_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:91c00457ac77689695a0a419dffeaa27f58a09838d20ba8555536d9aee85606f_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:91c00457ac77689695a0a419dffeaa27f58a09838d20ba8555536d9aee85606f_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:e2feda4d38877bf97f51e6f4d41c03752cabb24e483e508192696c1c6d073370_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:e2feda4d38877bf97f51e6f4d41c03752cabb24e483e508192696c1c6d073370_arm64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:e2feda4d38877bf97f51e6f4d41c03752cabb24e483e508192696c1c6d073370_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7b3d237c663055b328ecd74bcce5187adc19bdbe37d2fdd6da568a2160ddfce_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:f7b3d237c663055b328ecd74bcce5187adc19bdbe37d2fdd6da568a2160ddfce_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7b3d237c663055b328ecd74bcce5187adc19bdbe37d2fdd6da568a2160ddfce_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:233e1632804aaf594c5c9765411e64d88e27186e9d7df136c9b2722496dbb891_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:233e1632804aaf594c5c9765411e64d88e27186e9d7df136c9b2722496dbb891_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:233e1632804aaf594c5c9765411e64d88e27186e9d7df136c9b2722496dbb891_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:6e3b8c4326a16d1996d63d3139fa8da07f836adb7380eebfd43c04afb5cc8160_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:6e3b8c4326a16d1996d63d3139fa8da07f836adb7380eebfd43c04afb5cc8160_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:6e3b8c4326a16d1996d63d3139fa8da07f836adb7380eebfd43c04afb5cc8160_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:90882305ff4c797b77fc0017697f408385138e9f436f18ad3f9ede84e3ce8917_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:90882305ff4c797b77fc0017697f408385138e9f436f18ad3f9ede84e3ce8917_arm64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:90882305ff4c797b77fc0017697f408385138e9f436f18ad3f9ede84e3ce8917_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c7ba034800b2815df849b292f40bb32bd2e6bb5ba4c00a06dfce8bce521facc6_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:c7ba034800b2815df849b292f40bb32bd2e6bb5ba4c00a06dfce8bce521facc6_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:c7ba034800b2815df849b292f40bb32bd2e6bb5ba4c00a06dfce8bce521facc6_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:288436122a88e3774ed1f67340701552853622ff3d7e93df79064aafc93793a5_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:288436122a88e3774ed1f67340701552853622ff3d7e93df79064aafc93793a5_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:288436122a88e3774ed1f67340701552853622ff3d7e93df79064aafc93793a5_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:74d8ac8e86c7117dd879f8dafdb8124786ae0939075da0c6c77e590ec7c2803e_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:74d8ac8e86c7117dd879f8dafdb8124786ae0939075da0c6c77e590ec7c2803e_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:74d8ac8e86c7117dd879f8dafdb8124786ae0939075da0c6c77e590ec7c2803e_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:de6ee66aac30df18e4fb9d34f316d1220af07bfc64d730eba8381a87f59630e7_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:de6ee66aac30df18e4fb9d34f316d1220af07bfc64d730eba8381a87f59630e7_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:de6ee66aac30df18e4fb9d34f316d1220af07bfc64d730eba8381a87f59630e7_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:ecdcab4b6b5192f87209973f9634937b05d3916e5a21fb3be4c75cf40cacaf74_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:ecdcab4b6b5192f87209973f9634937b05d3916e5a21fb3be4c75cf40cacaf74_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:ecdcab4b6b5192f87209973f9634937b05d3916e5a21fb3be4c75cf40cacaf74_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:3a02e2eb672689fc012b4276291c86aba80677edf88c6e1625e4679d994dc58d_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:3a02e2eb672689fc012b4276291c86aba80677edf88c6e1625e4679d994dc58d_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:3a02e2eb672689fc012b4276291c86aba80677edf88c6e1625e4679d994dc58d_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:5f8e825cb25b65b9b2060fa51d9a611eb4284d62942e119c7172903848bc6915_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:5f8e825cb25b65b9b2060fa51d9a611eb4284d62942e119c7172903848bc6915_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:5f8e825cb25b65b9b2060fa51d9a611eb4284d62942e119c7172903848bc6915_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:973980c7d40d620669fbc0886c53e7788578916b2799e03a3a7be9c411baefe1_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:973980c7d40d620669fbc0886c53e7788578916b2799e03a3a7be9c411baefe1_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:973980c7d40d620669fbc0886c53e7788578916b2799e03a3a7be9c411baefe1_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:a4ac93c66ec44e8af3f1b2e7622b00f2c439b02defaa109fa52b1199af5d7036_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:a4ac93c66ec44e8af3f1b2e7622b00f2c439b02defaa109fa52b1199af5d7036_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:a4ac93c66ec44e8af3f1b2e7622b00f2c439b02defaa109fa52b1199af5d7036_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:4843583ba145b008d4117bcf7f24f50d8c67bfa75df0e2b2ac33a76b0dbc79ed_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4843583ba145b008d4117bcf7f24f50d8c67bfa75df0e2b2ac33a76b0dbc79ed_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:4843583ba145b008d4117bcf7f24f50d8c67bfa75df0e2b2ac33a76b0dbc79ed_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:5b5205024db71e94e77c0c284af593765685093cfa3e7cdbed1fb1ab1e239270_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:5b5205024db71e94e77c0c284af593765685093cfa3e7cdbed1fb1ab1e239270_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:5b5205024db71e94e77c0c284af593765685093cfa3e7cdbed1fb1ab1e239270_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:681183bd8845927e77c735a8baa89915e33895f24a2411b683a440ac2d8de077_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:681183bd8845927e77c735a8baa89915e33895f24a2411b683a440ac2d8de077_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:681183bd8845927e77c735a8baa89915e33895f24a2411b683a440ac2d8de077_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:6c20722e93575354d264f7df0a7ad176ee0176966ec1da1be2bb8c5157c81364_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:6c20722e93575354d264f7df0a7ad176ee0176966ec1da1be2bb8c5157c81364_arm64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:6c20722e93575354d264f7df0a7ad176ee0176966ec1da1be2bb8c5157c81364_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2fc648617368a8be448ac85fed88c0701fe49975aea66d647739f91e44731065_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:2fc648617368a8be448ac85fed88c0701fe49975aea66d647739f91e44731065_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2fc648617368a8be448ac85fed88c0701fe49975aea66d647739f91e44731065_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:85e2db6e4785f510bd1a5ee0d032ff1cedaa8bace60a835795be1ca21783c6e6_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85e2db6e4785f510bd1a5ee0d032ff1cedaa8bace60a835795be1ca21783c6e6_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:85e2db6e4785f510bd1a5ee0d032ff1cedaa8bace60a835795be1ca21783c6e6_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:989592f347cbca72cd3ac0331b385265d30320656ba79ceece673edd6bc7872d_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:989592f347cbca72cd3ac0331b385265d30320656ba79ceece673edd6bc7872d_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:989592f347cbca72cd3ac0331b385265d30320656ba79ceece673edd6bc7872d_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c013416d49d9d4e3741cbff5bde90d9a21009f5c6a3f8d7f05216255e7f49417_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:c013416d49d9d4e3741cbff5bde90d9a21009f5c6a3f8d7f05216255e7f49417_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:c013416d49d9d4e3741cbff5bde90d9a21009f5c6a3f8d7f05216255e7f49417_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:2dee63a8dada3bf1d446b4528e09d83dd79c6d6bebfc10dc509582335e00dd65_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:2dee63a8dada3bf1d446b4528e09d83dd79c6d6bebfc10dc509582335e00dd65_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:2dee63a8dada3bf1d446b4528e09d83dd79c6d6bebfc10dc509582335e00dd65_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:3efb8c753506ac2557bccc2d1500694e69bc43ac08ab41c3c4fdbc9f042e9135_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:3efb8c753506ac2557bccc2d1500694e69bc43ac08ab41c3c4fdbc9f042e9135_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:3efb8c753506ac2557bccc2d1500694e69bc43ac08ab41c3c4fdbc9f042e9135_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:85323d829ca949a9cd3d86b220caaeee3b59e518ec84d50d9eb29e5dbe0a67d6_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:85323d829ca949a9cd3d86b220caaeee3b59e518ec84d50d9eb29e5dbe0a67d6_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:85323d829ca949a9cd3d86b220caaeee3b59e518ec84d50d9eb29e5dbe0a67d6_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:b864f913045f32c221b30e9739f0609cc2700474535060bb503429ddf360d59d_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:b864f913045f32c221b30e9739f0609cc2700474535060bb503429ddf360d59d_arm64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:b864f913045f32c221b30e9739f0609cc2700474535060bb503429ddf360d59d_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:06ec44e3c6b906b6402327e7294515396f0c810741c3ba1e18f0c6b29f0853ce_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:06ec44e3c6b906b6402327e7294515396f0c810741c3ba1e18f0c6b29f0853ce_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:06ec44e3c6b906b6402327e7294515396f0c810741c3ba1e18f0c6b29f0853ce_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:3101b26acd72020ffe02b8f11fc2452f266159f1e7125118edda108a9503c29a_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:3101b26acd72020ffe02b8f11fc2452f266159f1e7125118edda108a9503c29a_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:3101b26acd72020ffe02b8f11fc2452f266159f1e7125118edda108a9503c29a_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:788bdc53fc2804979ef5de471175aaf572cdfd36a1ec0b1d0081073549e88f4b_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:788bdc53fc2804979ef5de471175aaf572cdfd36a1ec0b1d0081073549e88f4b_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:788bdc53fc2804979ef5de471175aaf572cdfd36a1ec0b1d0081073549e88f4b_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:da1a28456a58676270ec74f690c25e0d395304ba0c30f3c0e4ab08f32b6770a9_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:da1a28456a58676270ec74f690c25e0d395304ba0c30f3c0e4ab08f32b6770a9_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:da1a28456a58676270ec74f690c25e0d395304ba0c30f3c0e4ab08f32b6770a9_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:36b7aca216180137eb518c35bba4e94d0260cbdbca6e26cfb4932d73d13f3401_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:36b7aca216180137eb518c35bba4e94d0260cbdbca6e26cfb4932d73d13f3401_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:36b7aca216180137eb518c35bba4e94d0260cbdbca6e26cfb4932d73d13f3401_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:421f77e65c0d8130c762883c25c5d00879e57266278100424d2693eb3946c1f0_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:421f77e65c0d8130c762883c25c5d00879e57266278100424d2693eb3946c1f0_amd64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:421f77e65c0d8130c762883c25c5d00879e57266278100424d2693eb3946c1f0_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:4a10b28997798c6da95190e2caca50b138f7508e52237e605c498858749b4c69_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:4a10b28997798c6da95190e2caca50b138f7508e52237e605c498858749b4c69_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:4a10b28997798c6da95190e2caca50b138f7508e52237e605c498858749b4c69_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:4ebc8fb1304dd719e276723cce2890776f57ebea7eb6764ba47f387165bec58e_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:4ebc8fb1304dd719e276723cce2890776f57ebea7eb6764ba47f387165bec58e_s390x"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:4ebc8fb1304dd719e276723cce2890776f57ebea7eb6764ba47f387165bec58e_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:68a49f41366b2ee519ccbc2dae949dc320622422b191c41a9792738f47bb0135_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:68a49f41366b2ee519ccbc2dae949dc320622422b191c41a9792738f47bb0135_arm64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:68a49f41366b2ee519ccbc2dae949dc320622422b191c41a9792738f47bb0135_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:0461e5c960e044fe9eb89532d90af2c68c2577ab7599ff700077ba383a2c4b79_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:0461e5c960e044fe9eb89532d90af2c68c2577ab7599ff700077ba383a2c4b79_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:0461e5c960e044fe9eb89532d90af2c68c2577ab7599ff700077ba383a2c4b79_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:135fd57e3246485140a76d44db6a0337b51c7739af3a115002f898b54b2d56c8_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:135fd57e3246485140a76d44db6a0337b51c7739af3a115002f898b54b2d56c8_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:135fd57e3246485140a76d44db6a0337b51c7739af3a115002f898b54b2d56c8_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:3afe1b2a3544970780e33d4df9e567e32150f19896be05caf5750eac77d646bd_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:3afe1b2a3544970780e33d4df9e567e32150f19896be05caf5750eac77d646bd_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:3afe1b2a3544970780e33d4df9e567e32150f19896be05caf5750eac77d646bd_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:a188ec66929c398ade76abf680a9a7258e583f17b0ebb1580c8bbe4791f73012_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a188ec66929c398ade76abf680a9a7258e583f17b0ebb1580c8bbe4791f73012_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:a188ec66929c398ade76abf680a9a7258e583f17b0ebb1580c8bbe4791f73012_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:4ddc204cb788f6f9329e7dc56e3e7c7746c30a7c5a12bdfd3cb806362927d80a_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:4ddc204cb788f6f9329e7dc56e3e7c7746c30a7c5a12bdfd3cb806362927d80a_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:4ddc204cb788f6f9329e7dc56e3e7c7746c30a7c5a12bdfd3cb806362927d80a_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:77630523a3bd3d23af4d436dc0bd8d5758d24a86e99dbd0ef463a37bf6b87a56_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:77630523a3bd3d23af4d436dc0bd8d5758d24a86e99dbd0ef463a37bf6b87a56_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:77630523a3bd3d23af4d436dc0bd8d5758d24a86e99dbd0ef463a37bf6b87a56_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:9d1b1a47273693b873d25304426489fb6cc499c9dad1940c5fc4f7293a412819_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9d1b1a47273693b873d25304426489fb6cc499c9dad1940c5fc4f7293a412819_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:9d1b1a47273693b873d25304426489fb6cc499c9dad1940c5fc4f7293a412819_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:f68add80fc64f6957f087b025942005f3de5db2f832199a543da969ac4955903_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:f68add80fc64f6957f087b025942005f3de5db2f832199a543da969ac4955903_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:f68add80fc64f6957f087b025942005f3de5db2f832199a543da969ac4955903_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:09adf52069dbbf3fc7192e20eca1bdb0e6bc405836b4be47412fc568cf9f8319_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:09adf52069dbbf3fc7192e20eca1bdb0e6bc405836b4be47412fc568cf9f8319_amd64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:09adf52069dbbf3fc7192e20eca1bdb0e6bc405836b4be47412fc568cf9f8319_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:c6d67b08190ee8f191a69ba12dc17a5be10c146f33b98ae0d1ba72b6c7f4d5eb_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:c6d67b08190ee8f191a69ba12dc17a5be10c146f33b98ae0d1ba72b6c7f4d5eb_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:c6d67b08190ee8f191a69ba12dc17a5be10c146f33b98ae0d1ba72b6c7f4d5eb_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:f98f732a7e82778aed2b0d0fb88a36d69e8cf2852d270d3e47e120b529a885d4_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:f98f732a7e82778aed2b0d0fb88a36d69e8cf2852d270d3e47e120b529a885d4_s390x"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:f98f732a7e82778aed2b0d0fb88a36d69e8cf2852d270d3e47e120b529a885d4_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:fe020a4c315486f3e90534cdce69d336a1ee08289e9c0773a9100a593c98bea1_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:fe020a4c315486f3e90534cdce69d336a1ee08289e9c0773a9100a593c98bea1_arm64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:fe020a4c315486f3e90534cdce69d336a1ee08289e9c0773a9100a593c98bea1_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-30123",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2022-06-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:7ab5b5fc788cce18883243acbb5969bced246104636b250484c19c76dd4b93a6_amd64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:1b8bf87ec875fe41a66ea659a6b18c5e5659b316d45eea5ebdee33bae4ef81a1_s390x",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:2e002a48fad466ef0ec91bc70090c34d16cc9a13192b43bff5a8d26bad016b1d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:6852056797fb71905807c327c6eb360ba8c21eaca7d6a56db3fdd40fb1ca8c91_arm64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:b7d74ad5055cde7320b9584fab00b35790034b5946ab5e5b3bb91b9dd53ba5ac_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:aab07bddd4f7f54fa89726a3d06c5fb46aa9949771d937fb26d01c6231868c51_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:0ac7eb6b479a554be15ab61e47d6d7ded410c1ec952d8754fa54f6f3eb16c8c6_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:119afbf853025bba3ed3a06e1ef5dbcc85520053110a9a32f0d19a7792d5ff90_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:361bb98599f559be65a59735307227ff4f80ef4e3ce242b2d09c13b1b3cc1e97_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:6383da98645b90f488612d7b9f97de1306e8b1377d42da2c55d3645c051769cd_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:54366435c4fdc0ed60acd5be4b6332a902e04a4983bd11c56f43cb60154ad858_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:91c00457ac77689695a0a419dffeaa27f58a09838d20ba8555536d9aee85606f_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:e2feda4d38877bf97f51e6f4d41c03752cabb24e483e508192696c1c6d073370_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:f7b3d237c663055b328ecd74bcce5187adc19bdbe37d2fdd6da568a2160ddfce_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:233e1632804aaf594c5c9765411e64d88e27186e9d7df136c9b2722496dbb891_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:6e3b8c4326a16d1996d63d3139fa8da07f836adb7380eebfd43c04afb5cc8160_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:90882305ff4c797b77fc0017697f408385138e9f436f18ad3f9ede84e3ce8917_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:c7ba034800b2815df849b292f40bb32bd2e6bb5ba4c00a06dfce8bce521facc6_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:288436122a88e3774ed1f67340701552853622ff3d7e93df79064aafc93793a5_arm64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:74d8ac8e86c7117dd879f8dafdb8124786ae0939075da0c6c77e590ec7c2803e_s390x",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:de6ee66aac30df18e4fb9d34f316d1220af07bfc64d730eba8381a87f59630e7_ppc64le",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:ecdcab4b6b5192f87209973f9634937b05d3916e5a21fb3be4c75cf40cacaf74_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4843583ba145b008d4117bcf7f24f50d8c67bfa75df0e2b2ac33a76b0dbc79ed_s390x",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:5b5205024db71e94e77c0c284af593765685093cfa3e7cdbed1fb1ab1e239270_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:681183bd8845927e77c735a8baa89915e33895f24a2411b683a440ac2d8de077_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:6c20722e93575354d264f7df0a7ad176ee0176966ec1da1be2bb8c5157c81364_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:2fc648617368a8be448ac85fed88c0701fe49975aea66d647739f91e44731065_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85e2db6e4785f510bd1a5ee0d032ff1cedaa8bace60a835795be1ca21783c6e6_amd64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:989592f347cbca72cd3ac0331b385265d30320656ba79ceece673edd6bc7872d_s390x",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:c013416d49d9d4e3741cbff5bde90d9a21009f5c6a3f8d7f05216255e7f49417_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:2dee63a8dada3bf1d446b4528e09d83dd79c6d6bebfc10dc509582335e00dd65_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:3efb8c753506ac2557bccc2d1500694e69bc43ac08ab41c3c4fdbc9f042e9135_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:85323d829ca949a9cd3d86b220caaeee3b59e518ec84d50d9eb29e5dbe0a67d6_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:b864f913045f32c221b30e9739f0609cc2700474535060bb503429ddf360d59d_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:06ec44e3c6b906b6402327e7294515396f0c810741c3ba1e18f0c6b29f0853ce_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:3101b26acd72020ffe02b8f11fc2452f266159f1e7125118edda108a9503c29a_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:788bdc53fc2804979ef5de471175aaf572cdfd36a1ec0b1d0081073549e88f4b_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:da1a28456a58676270ec74f690c25e0d395304ba0c30f3c0e4ab08f32b6770a9_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:36b7aca216180137eb518c35bba4e94d0260cbdbca6e26cfb4932d73d13f3401_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:421f77e65c0d8130c762883c25c5d00879e57266278100424d2693eb3946c1f0_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:4a10b28997798c6da95190e2caca50b138f7508e52237e605c498858749b4c69_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:4ebc8fb1304dd719e276723cce2890776f57ebea7eb6764ba47f387165bec58e_s390x",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:68a49f41366b2ee519ccbc2dae949dc320622422b191c41a9792738f47bb0135_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:0461e5c960e044fe9eb89532d90af2c68c2577ab7599ff700077ba383a2c4b79_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:135fd57e3246485140a76d44db6a0337b51c7739af3a115002f898b54b2d56c8_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:3afe1b2a3544970780e33d4df9e567e32150f19896be05caf5750eac77d646bd_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a188ec66929c398ade76abf680a9a7258e583f17b0ebb1580c8bbe4791f73012_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:4ddc204cb788f6f9329e7dc56e3e7c7746c30a7c5a12bdfd3cb806362927d80a_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:77630523a3bd3d23af4d436dc0bd8d5758d24a86e99dbd0ef463a37bf6b87a56_arm64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9d1b1a47273693b873d25304426489fb6cc499c9dad1940c5fc4f7293a412819_s390x",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:f68add80fc64f6957f087b025942005f3de5db2f832199a543da969ac4955903_amd64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:09adf52069dbbf3fc7192e20eca1bdb0e6bc405836b4be47412fc568cf9f8319_amd64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:c6d67b08190ee8f191a69ba12dc17a5be10c146f33b98ae0d1ba72b6c7f4d5eb_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:f98f732a7e82778aed2b0d0fb88a36d69e8cf2852d270d3e47e120b529a885d4_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:fe020a4c315486f3e90534cdce69d336a1ee08289e9c0773a9100a593c98bea1_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2099524"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ruby gem-rack. This flaw allows a malicious actor to craft requests that can cause shell escape sequences to be written to the terminal via rack\u0027s `Lint` middleware and `CommonLogger` middleware. This issue can leverage these escape sequences to execute commands in the victim\u0027s terminal.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: crafted requests can cause shell escape sequences",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "- Because Red Hat OpenStack Platform 13.0 Operational Tools packaged the flawed code, but does not use its functionality, its Impact has been reduced to \u0027Low\u0027.\n- To exploit this vulnerability, applications should have either of these middlewares \u0027Lint\u0027 or \u0027CommonLogger\u0027 installed, and vulnerable apps may have something like this: \n\u0027use Rack::Lint\u0027 OR \u0027use Rack::CommonLogger\u0027\nThe Red Hat products use the flawed code but don\u0027t use its functionality, Hence, the impact is set to Important.\n- Logging Subsystem for Red Hat OpenShift uses the vulnerable ruby gem-rack package in the openshift-logging/fluentd-rhel8 component to instantiate client-to-server communication. But, this component cannot receive any requests so exploitation by crafted request consumption is not possible. Therefore the impact of this vulnerability on the Logging Subsystem for Red Hat OpenShift is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:3a02e2eb672689fc012b4276291c86aba80677edf88c6e1625e4679d994dc58d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:5f8e825cb25b65b9b2060fa51d9a611eb4284d62942e119c7172903848bc6915_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:973980c7d40d620669fbc0886c53e7788578916b2799e03a3a7be9c411baefe1_amd64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:a4ac93c66ec44e8af3f1b2e7622b00f2c439b02defaa109fa52b1199af5d7036_arm64"
],
"known_not_affected": [
"8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:7ab5b5fc788cce18883243acbb5969bced246104636b250484c19c76dd4b93a6_amd64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:1b8bf87ec875fe41a66ea659a6b18c5e5659b316d45eea5ebdee33bae4ef81a1_s390x",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:2e002a48fad466ef0ec91bc70090c34d16cc9a13192b43bff5a8d26bad016b1d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:6852056797fb71905807c327c6eb360ba8c21eaca7d6a56db3fdd40fb1ca8c91_arm64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:b7d74ad5055cde7320b9584fab00b35790034b5946ab5e5b3bb91b9dd53ba5ac_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:aab07bddd4f7f54fa89726a3d06c5fb46aa9949771d937fb26d01c6231868c51_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:0ac7eb6b479a554be15ab61e47d6d7ded410c1ec952d8754fa54f6f3eb16c8c6_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:119afbf853025bba3ed3a06e1ef5dbcc85520053110a9a32f0d19a7792d5ff90_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:361bb98599f559be65a59735307227ff4f80ef4e3ce242b2d09c13b1b3cc1e97_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:6383da98645b90f488612d7b9f97de1306e8b1377d42da2c55d3645c051769cd_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:54366435c4fdc0ed60acd5be4b6332a902e04a4983bd11c56f43cb60154ad858_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:91c00457ac77689695a0a419dffeaa27f58a09838d20ba8555536d9aee85606f_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:e2feda4d38877bf97f51e6f4d41c03752cabb24e483e508192696c1c6d073370_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:f7b3d237c663055b328ecd74bcce5187adc19bdbe37d2fdd6da568a2160ddfce_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:233e1632804aaf594c5c9765411e64d88e27186e9d7df136c9b2722496dbb891_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:6e3b8c4326a16d1996d63d3139fa8da07f836adb7380eebfd43c04afb5cc8160_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:90882305ff4c797b77fc0017697f408385138e9f436f18ad3f9ede84e3ce8917_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:c7ba034800b2815df849b292f40bb32bd2e6bb5ba4c00a06dfce8bce521facc6_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:288436122a88e3774ed1f67340701552853622ff3d7e93df79064aafc93793a5_arm64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:74d8ac8e86c7117dd879f8dafdb8124786ae0939075da0c6c77e590ec7c2803e_s390x",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:de6ee66aac30df18e4fb9d34f316d1220af07bfc64d730eba8381a87f59630e7_ppc64le",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:ecdcab4b6b5192f87209973f9634937b05d3916e5a21fb3be4c75cf40cacaf74_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4843583ba145b008d4117bcf7f24f50d8c67bfa75df0e2b2ac33a76b0dbc79ed_s390x",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:5b5205024db71e94e77c0c284af593765685093cfa3e7cdbed1fb1ab1e239270_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:681183bd8845927e77c735a8baa89915e33895f24a2411b683a440ac2d8de077_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:6c20722e93575354d264f7df0a7ad176ee0176966ec1da1be2bb8c5157c81364_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:2fc648617368a8be448ac85fed88c0701fe49975aea66d647739f91e44731065_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85e2db6e4785f510bd1a5ee0d032ff1cedaa8bace60a835795be1ca21783c6e6_amd64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:989592f347cbca72cd3ac0331b385265d30320656ba79ceece673edd6bc7872d_s390x",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:c013416d49d9d4e3741cbff5bde90d9a21009f5c6a3f8d7f05216255e7f49417_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:2dee63a8dada3bf1d446b4528e09d83dd79c6d6bebfc10dc509582335e00dd65_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:3efb8c753506ac2557bccc2d1500694e69bc43ac08ab41c3c4fdbc9f042e9135_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:85323d829ca949a9cd3d86b220caaeee3b59e518ec84d50d9eb29e5dbe0a67d6_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:b864f913045f32c221b30e9739f0609cc2700474535060bb503429ddf360d59d_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:06ec44e3c6b906b6402327e7294515396f0c810741c3ba1e18f0c6b29f0853ce_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:3101b26acd72020ffe02b8f11fc2452f266159f1e7125118edda108a9503c29a_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:788bdc53fc2804979ef5de471175aaf572cdfd36a1ec0b1d0081073549e88f4b_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:da1a28456a58676270ec74f690c25e0d395304ba0c30f3c0e4ab08f32b6770a9_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:36b7aca216180137eb518c35bba4e94d0260cbdbca6e26cfb4932d73d13f3401_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:421f77e65c0d8130c762883c25c5d00879e57266278100424d2693eb3946c1f0_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:4a10b28997798c6da95190e2caca50b138f7508e52237e605c498858749b4c69_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:4ebc8fb1304dd719e276723cce2890776f57ebea7eb6764ba47f387165bec58e_s390x",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:68a49f41366b2ee519ccbc2dae949dc320622422b191c41a9792738f47bb0135_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:0461e5c960e044fe9eb89532d90af2c68c2577ab7599ff700077ba383a2c4b79_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:135fd57e3246485140a76d44db6a0337b51c7739af3a115002f898b54b2d56c8_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:3afe1b2a3544970780e33d4df9e567e32150f19896be05caf5750eac77d646bd_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a188ec66929c398ade76abf680a9a7258e583f17b0ebb1580c8bbe4791f73012_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:4ddc204cb788f6f9329e7dc56e3e7c7746c30a7c5a12bdfd3cb806362927d80a_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:77630523a3bd3d23af4d436dc0bd8d5758d24a86e99dbd0ef463a37bf6b87a56_arm64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9d1b1a47273693b873d25304426489fb6cc499c9dad1940c5fc4f7293a412819_s390x",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:f68add80fc64f6957f087b025942005f3de5db2f832199a543da969ac4955903_amd64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:09adf52069dbbf3fc7192e20eca1bdb0e6bc405836b4be47412fc568cf9f8319_amd64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:c6d67b08190ee8f191a69ba12dc17a5be10c146f33b98ae0d1ba72b6c7f4d5eb_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:f98f732a7e82778aed2b0d0fb88a36d69e8cf2852d270d3e47e120b529a885d4_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:fe020a4c315486f3e90534cdce69d336a1ee08289e9c0773a9100a593c98bea1_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30123"
},
{
"category": "external",
"summary": "RHBZ#2099524",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099524"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30123",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30123"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30123",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30123"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-wq4h-7r42-5hrr",
"url": "https://github.com/advisories/GHSA-wq4h-7r42-5hrr"
}
],
"release_date": "2022-05-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-15T11:08:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:3a02e2eb672689fc012b4276291c86aba80677edf88c6e1625e4679d994dc58d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:5f8e825cb25b65b9b2060fa51d9a611eb4284d62942e119c7172903848bc6915_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:973980c7d40d620669fbc0886c53e7788578916b2799e03a3a7be9c411baefe1_amd64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:a4ac93c66ec44e8af3f1b2e7622b00f2c439b02defaa109fa52b1199af5d7036_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0632"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-rack: crafted requests can cause shell escape sequences"
},
{
"cve": "CVE-2022-41717",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-01-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2161274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:0461e5c960e044fe9eb89532d90af2c68c2577ab7599ff700077ba383a2c4b79_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:135fd57e3246485140a76d44db6a0337b51c7739af3a115002f898b54b2d56c8_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:3afe1b2a3544970780e33d4df9e567e32150f19896be05caf5750eac77d646bd_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a188ec66929c398ade76abf680a9a7258e583f17b0ebb1580c8bbe4791f73012_ppc64le"
],
"known_not_affected": [
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "RHBZ#2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717"
},
{
"category": "external",
"summary": "https://go.dev/cl/455635",
"url": "https://go.dev/cl/455635"
},
{
"category": "external",
"summary": "https://go.dev/cl/455717",
"url": "https://go.dev/cl/455717"
},
{
"category": "external",
"summary": "https://go.dev/issue/56350",
"url": "https://go.dev/issue/56350"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2022-1144",
"url": "https://pkg.go.dev/vuln/GO-2022-1144"
}
],
"release_date": "2022-11-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-15T11:08:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:0461e5c960e044fe9eb89532d90af2c68c2577ab7599ff700077ba383a2c4b79_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:135fd57e3246485140a76d44db6a0337b51c7739af3a115002f898b54b2d56c8_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:3afe1b2a3544970780e33d4df9e567e32150f19896be05caf5750eac77d646bd_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a188ec66929c398ade76abf680a9a7258e583f17b0ebb1580c8bbe4791f73012_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0632"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:f68add80fc64f6957f087b025942005f3de5db2f832199a543da969ac4955903_amd64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:09adf52069dbbf3fc7192e20eca1bdb0e6bc405836b4be47412fc568cf9f8319_amd64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:c6d67b08190ee8f191a69ba12dc17a5be10c146f33b98ae0d1ba72b6c7f4d5eb_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:f98f732a7e82778aed2b0d0fb88a36d69e8cf2852d270d3e47e120b529a885d4_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:fe020a4c315486f3e90534cdce69d336a1ee08289e9c0773a9100a593c98bea1_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.