Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2022:0163
HistoryJan 18, 2022 - 2:41 p.m.

(RHSA-2022:0163) Important: Cryostat security update

2022-01-1814:41:43
access.redhat.com
19

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

0.005 Low

EPSS

Percentile

75.6%

JSON

The RHEL-8 based Cryostat container images have been updated with a security fix for “CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache”.

Users of RHEL-8 based Cryostat container images are advised to upgrade to these updated images, which contain backported patches to correct this security issue. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in Red Hat Ecosystem Catalog (see References).

Related

nessus 58
github 3
osv 13
ubuntucve 2
redhat 5
alpinelinux 2
ibm 21
cbl_mariner 24
redhatcve 2
almalinux 2
gitlab 1
veracode 2
openvas 36
cve 2
oraclelinux 6
rocky 2
prion 2
debiancve 1
suse 4
f5 1
rustsec 1
githubexploit 1
aix 1
openssl 1
photon 1
amazon 3
cloudfoundry 1
debian 1
nessus
nessus
AlmaLinux 8 : grafana (ALSA-2022:0001)
2022-03-11 00:00:00
Oracle Linux 8 : grafana (ELSA-2022-0001)
2022-01-04 00:00:00
RHEL 8 : grafana (RHSA-2022:0002)
2022-01-03 00:00:00
github
github
Unbounded memory usage on exposed HTTP/2 (non-gRPC) endpoints
2022-01-12 22:33:04
golang.org/x/net/http2 allows uncontrolled memory consumption
2022-01-02 00:00:48
Read buffer overruns processing ASN.1 strings
2022-05-24 19:12:03
osv
osv
BIT-golang-2021-44716
2024-03-06 11:03:30
golang.org/x/net/http2 allows uncontrolled memory consumption
2022-01-02 00:00:48
CVE-2021-44716
2022-01-01 05:15:08
ubuntucve
ubuntucve
CVE-2021-44716
2022-01-01 00:00:00
CVE-2021-3712
2021-08-24 00:00:00
redhat
redhat
(RHSA-2022:1628) Important: web-admin-build security update
2022-04-27 10:41:42
(RHSA-2022:0002) Important: grafana security update
2022-01-03 07:30:41
(RHSA-2022:0001) Important: grafana security update
2022-01-03 07:30:31
alpinelinux
alpinelinux
CVE-2021-44716
2022-01-01 05:15:00
CVE-2021-3712
2021-08-24 15:15:00
ibm
ibm
Security Bulletin: IBM App Connect Enterprise Certified Container Operator and IntegrationServer operands may be vulnerable to denial of service due to CVE-2021-44716
2022-05-26 15:08:37
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to denial of service due to Go CVE-2021-44716
2022-05-05 14:22:01
Security Bulletin: IBM DataPower Operator potentially vulnerable to Denial of Service (CVE-2021-44716)
2022-06-20 16:28:32
cbl_mariner
cbl_mariner
CVE-2021-44716 affecting package moby-cli 20.10.27-2
2024-02-25 03:00:06
CVE-2021-44716 affecting package git-lfs 3.1.4-15
2024-02-14 17:05:34
CVE-2021-44716 affecting package csi-driver-lvm 0.4.1-14
2024-02-14 17:05:34
redhatcve
redhatcve
CVE-2021-44716
2022-05-07 14:12:12
CVE-2021-3712
2021-08-24 15:06:37
almalinux
almalinux
Important: grafana security update
2022-01-03 07:30:31
Moderate: openssl security update
2021-12-21 09:07:24
gitlab
gitlab
Uncontrolled Resource Consumption
2022-01-02 00:00:00
veracode
veracode
Denial Of Service (DoS)
2021-12-14 20:52:35
Denial Of Service
2021-08-25 12:41:18
openvas
openvas
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-1345)
2022-03-29 00:00:00
Debian: Security Advisory (DLA-2766-1)
2021-09-27 00:00:00
Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2022-1180)
2022-02-24 00:00:00
cve
cve
CVE-2021-44716
2022-01-01 05:15:00
CVE-2021-3712
2021-08-24 15:15:00
oraclelinux
oraclelinux
grafana security update
2022-01-04 00:00:00
openssl security update
2021-12-22 00:00:00
openssl security update
2021-12-23 00:00:00
rocky
rocky
grafana security update
2022-01-03 07:30:31
openssl security update
2021-12-21 09:07:24
prion
prion
Design/Logic Flaw
2022-01-01 05:15:00
Buffer overflow
2021-08-24 15:15:00
debiancve
debiancve
CVE-2021-44716
2022-01-01 05:15:00
suse
suse
Security update for openssl-1_0_0 (important)
2021-08-24 00:00:00
Security update for openssl-1_1 (low)
2021-09-07 00:00:00
Security update for openssl-1_0_0 (important)
2021-08-25 00:00:00
f5
f5
K19559038 : OpenSSL vulnerability CVE-2021-3712
2021-10-01 00:00:00
rustsec
rustsec
Read buffer overruns processing ASN.1 strings
2021-08-24 12:00:00
githubexploit
githubexploit
Exploit for Out-of-bounds Read in Openssl
2023-09-11 07:43:19
aix
aix
There is a vulnerability in OpenSSL used by AIX.
2022-01-06 09:14:51
openssl
openssl
Vulnerability in OpenSSL CVE-2021-3712
2021-08-24 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0429
2021-08-26 00:00:00
amazon
amazon
Medium: openssl
2021-10-01 18:00:00
Medium: openssl11
2021-10-04 20:17:00
Medium: openssl
2021-10-26 23:29:00
cloudfoundry
cloudfoundry
USN-5051-3: OpenSSL vulnerability | Cloud Foundry
2021-10-28 00:00:00
debian
debian
[SECURITY] [DLA 2766-1] openssl security update
2021-09-26 22:03:49

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

0.005 Low

EPSS

Percentile

75.6%

JSON
Related for RHSA-2022:0163
nessus58github3osv13ubuntucve2redhat5alpinelinux2ibm21cbl_mariner24redhatcve2almalinux2gitlab1veracode2openvas36cve2oraclelinux6rocky2prion2debiancve1suse4f51rustsec1githubexploit1aix1openssl1photon1amazon3cloudfoundry1debian1