RHSA-2024:0121MediumCVSS 7.5

Red Hat Security Advisory: container-tools:4.0 security update

Published
January 10, 2024
Last Modified
June 27, 2026

🔗 CVE IDs covered (9)

📋 Description

CVE-2022-2879 — golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers CVE-2022-2880 — golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters CVE-2022-27664 — golang: net/http: handle server errors after sending GOAWAY CVE-2022-41715 — golang: regexp/syntax: limit memory used by parsing regexps CVE-2023-29409 — golang: crypto/tls: slow verification of certificate chains containing large RSA keys CVE-2023-39318 — golang: html/template: improper handling of HTML-like comments within script contexts CVE-2023-39319 — golang: html/template: improper handling of special tags within script contexts CVE-2023-39321 — golang: crypto/tls: panic when processing post-handshake message on QUIC connections CVE-2023-39322 — golang: crypto/tls: lack of a limit on buffered post-handshake

🔗 References (12)