RHSA-2023:3914HighCVSS 8.1
Red Hat Security Advisory: Red Hat OpenShift Enterprise security update
🔗 CVE IDs covered (7)
📋 Description
CVE-2022-23772 — golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString CVE-2022-24675 — golang: encoding/pem: fix stack overflow in Decode CVE-2022-28327 — golang: crypto/elliptic: panic caused by oversized scalar CVE-2022-30629 — golang: crypto/tls: session tickets lack random ticket_age_add CVE-2022-41717 — golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests CVE-2023-3089 — openshift: OCP & FIPS mode CVE-2023-24540 — golang: html/template: improper handling of JavaScript whitespace
🔗 References (11)
- selfhttps://access.redhat.com/errata/RHSA-2023:3914
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-001
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2053532
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2077688
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2077689
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2092793
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2161274
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2196027
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2212085
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3914.json