RHSA-2022:9047MediumCVSS 7.5
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.6 security and bug fix update
🔗 CVE IDs covered (9)
📋 Description
CVE-2022-1705 — golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1962 — golang: go/parser: stack exhaustion in all Parse* functions CVE-2022-28131 — golang: encoding/xml: stack exhaustion in Decoder.Skip CVE-2022-30629 — golang: crypto/tls: session tickets lack random ticket_age_add CVE-2022-30630 — golang: io/fs: stack exhaustion in Glob CVE-2022-30632 — golang: path/filepath: stack exhaustion in Glob CVE-2022-30633 — golang: encoding/xml: stack exhaustion in Unmarshal CVE-2022-30635 — golang: encoding/gob: stack exhaustion in Decoder.Decode CVE-2022-32148 — golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working
🔗 References (19)
- selfhttps://access.redhat.com/errata/RHSA-2022:9047
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2092793
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2107371
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2107374
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2107376
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2107383
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2107386
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2107388
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2107390
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2107392
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2132957
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2137304
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2140208
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2143628
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2143872
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2149920
- externalhttps://issues.redhat.com/browse/MIG-1240
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_9047.json