What is RHBA-2023:6078?

RHBA-2023:6078 is a security advisory published by Red Hat Product Security with High severity. Red Hat Bug Fix Advisory: MTV 2.5.2 Images

Which CVE IDs does RHBA-2023:6078 cover?

RHBA-2023:6078 covers the following CVE IDs: CVE-2023-29401, CVE-2023-39325, CVE-2023-44487, CVE-2022-41723, CVE-2023-26125, CVE-2023-26144. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHBA-2023:6078?

RHBA-2023:6078 has a CVSS v3 base score of 7.5, published by Red Hat Product Security.

RHBA-2023:6078HighCVSS 7.5

Red Hat Bug Fix Advisory: MTV 2.5.2 Images

Vendor

Red Hat Product Security

Published

October 24, 2023

Last Modified

May 23, 2026

🔗 CVE IDs covered (6)

CVE-2023-29401 →CVE-2023-39325 →CVE-2023-44487 →CVE-2022-41723 →CVE-2023-26125 →CVE-2023-26144 →

📋 Description

CVE-2022-41723 — golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding CVE-2023-26125 — golang-github-gin-gonic-gin: Improper Input Validation CVE-2023-26144 — graphql: Insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries CVE-2023-29401 — golang-github-gin-gonic-gin: Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function CVE-2023-39325 — golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) CVE-2023-44487 — HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

🔗 References (2)

selfhttps://access.redhat.com/errata/RHBA-2023:6078
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_6078.json