RHSA-2022:2218MediumCVSS 8.3

Red Hat Security Advisory: Openshift Logging Security and Bug update Release (5.2.10)

Published
May 11, 2022
Last Modified
June 30, 2026

🔗 CVE IDs covered (5)

📋 Description

CVE-2021-37136 — netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data CVE-2021-37137 — netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way CVE-2021-43797 — netty: control chars in header names may lead to HTTP request smuggling CVE-2022-0759 — kubeclient: kubeconfig parsing error can lead to MITM attacks CVE-2022-21698 — prometheus/client_golang: Denial of service using InstrumentHandlerCounter

🔗 References (12)