RHSA-2023:1325HighCVSS 8.2

Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update

Published
May 18, 2023
Last Modified
July 11, 2026

🔗 CVE IDs covered (13)

📋 Description

CVE-2022-2990 — buildah: possible information disclosure and modification CVE-2022-3259 — OpenShift: Missing HTTP Strict Transport Security CVE-2022-27191 — golang: crash in a golang.org/x/crypto/ssh server CVE-2022-41717 — golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests CVE-2022-41722 — golang: path/filepath: path-filepath filepath.Clean path traversal CVE-2022-41723 — golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding CVE-2022-41724 — golang: crypto/tls: large handshake records may cause panics CVE-2022-41725 — golang: net/http, mime/multipart: denial of service from excessive resource consumption CVE-2023-0056 — haproxy: segfault DoS CVE-2023-0229 — openshift/apiserver-library-go: Bypass of SCC seccomp profile restrictions CVE-2023-0778 — podman: symlink exchange attack in podman export volume CVE-2023-25577 — python-werkzeug: high resource usage when parsing multipart form data with many fields CVE-2023-25725 — haproxy: request smuggling attack in HTTP/1 header parsing

🔗 References (15)