Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2022:6187
HistoryAug 25, 2022 - 10:07 a.m.

(RHSA-2022:6187) Important: Node Health Check Operator 0.3.1 security update

2022-08-2510:07:30
access.redhat.com
16

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

72.7%

JSON

This is an updated release of the Node Health Check Operator. You can use the Node Health Check Operator to deploy the Node Health Check controller. The controller identifies unhealthy nodes and uses the Self Node Remediation Operator to remediate the unhealthy nodes.

Security Fix(es):

  • golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)

  • golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)

  • golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, see the CVE page(s) listed in the References section.

Related

redhat 19
rocky 6
nessus 56
almalinux 6
osv 21
cve 3
debiancve 3
ibm 16
alpinelinux 3
redhatcve 3
cbl_mariner 6
prion 3
veracode 3
ubuntucve 3
oraclelinux 6
cnvd 1
fedora 5
openvas 19
f5 1
mageia 2
altlinux 2
freebsd 1
suse 3
amazon 8
redhat
redhat
(RHSA-2022:8098) Moderate: toolbox security and bug fix update
2022-11-15 06:15:31
(RHSA-2022:5875) Moderate: OpenShift Container Platform 4.10.26 security update
2022-08-09 02:26:20
(RHSA-2022:6065) Important: Red Hat OpenStack Platform 16.1 (collectd-libpod-stats) security update
2022-08-15 09:38:25
rocky
rocky
toolbox security and bug fix update
2022-11-15 06:15:31
grafana-pcp security update
2022-11-15 06:19:30
grafana-pcp security update
2022-11-08 06:25:29
nessus
nessus
RHEL 9 : toolbox (RHSA-2022:8098)
2022-11-16 00:00:00
Rocky Linux 9 : toolbox (RLSA-2022:8098)
2023-01-25 00:00:00
AlmaLinux 9 : toolbox (ALSA-2022:8098)
2022-11-19 00:00:00
almalinux
almalinux
Moderate: toolbox security and bug fix update
2022-11-15 00:00:00
Moderate: grafana-pcp security update
2022-11-15 00:00:00
Moderate: grafana-pcp security update
2022-11-08 00:00:00
osv
osv
Moderate: toolbox security and bug fix update
2022-11-15 00:00:00
Moderate: toolbox security and bug fix update
2022-11-15 06:15:31
Stack exhaustion when reading certain archives in compress/gzip
2022-07-20 20:52:11
cve
cve
CVE-2022-30631
2022-08-10 20:15:00
CVE-2022-1705
2022-08-10 20:15:00
CVE-2022-28327
2022-04-20 10:15:00
debiancve
debiancve
CVE-2022-30631
2022-08-10 20:15:00
CVE-2022-1705
2022-08-10 20:15:00
CVE-2022-28327
2022-04-20 10:15:00
ibm
ibm
Security Bulletin: IBM App Connect Enterprise Certified Container operator and IntegrationServer operands may be vulnerable to denial of service due to CVE-2022-30631
2022-11-04 16:44:27
Security Bulletin: IBM Storage Ceph is vulnerable to uncontrolled recursion in Golang (CVE-2022-30631)
2024-02-02 04:00:02
Security Bulletin: Watson CP4D Data Stores is vulnerable to Golang Go is vulnerable to HTTP request smuggling(CVE-2022-1705)
2023-06-30 18:31:54
alpinelinux
alpinelinux
CVE-2022-30631
2022-08-10 20:15:00
CVE-2022-1705
2022-08-10 20:15:00
CVE-2022-28327
2022-04-20 10:15:00
redhatcve
redhatcve
CVE-2022-30631
2022-07-15 10:32:16
CVE-2022-1705
2022-07-15 10:32:19
CVE-2022-28327
2022-04-21 22:52:54
cbl_mariner
cbl_mariner
CVE-2022-30631 affecting package golang 1.18.3-1
2022-09-16 06:05:39
CVE-2022-30631 affecting package golang 1.18.3-1
2022-09-17 05:56:44
CVE-2022-1705 affecting package golang 1.18.3-1
2022-09-17 05:56:44
prion
prion
Design/Logic Flaw
2022-08-10 20:15:00
Design/Logic Flaw
2022-08-10 20:15:00
Input validation
2022-04-20 10:15:00
veracode
veracode
Denial Of Service (DoS)
2022-07-25 12:47:18
Request Smuggling
2022-07-25 04:55:56
Denial Of Service (DoS)
2022-04-14 23:08:44
ubuntucve
ubuntucve
CVE-2022-30631
2022-08-10 00:00:00
CVE-2022-1705
2022-08-10 00:00:00
CVE-2022-28327
2022-04-20 00:00:00
oraclelinux
oraclelinux
grafana-pcp security update
2022-11-15 00:00:00
grafana-pcp security update
2022-11-22 00:00:00
go-toolset:ol8 security and bug fix update
2022-08-03 00:00:00
cnvd
cnvd
Google Go has an unspecified vulnerability (CNVD-2022-55213)
2022-04-26 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: gron-0.6.1-2.fc34
2022-05-28 01:32:45
[SECURITY] Fedora 35 Update: fzf-0.29.0-2.fc35
2022-08-17 01:36:21
[SECURITY] Fedora 35 Update: golang-1.16.15-2.fc35
2022-07-01 01:17:14
openvas
openvas
Fedora: Security Advisory for gron (FEDORA-2022-53f0c619c5)
2022-05-29 00:00:00
Mageia: Security Advisory (MGASA-2022-0171)
2022-05-19 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2610)
2022-10-28 00:00:00
f5
f5
K000135314 : GO vulnerability CVE-2022-28327
2023-06-30 00:00:00
mageia
mageia
Updated golang packages fix security vulnerability
2022-05-12 13:24:45
Updated golang packages fix security vulnerability
2022-07-16 22:58:20
altlinux
altlinux
Security fix for the ALT Linux 10 package golang version 1.17.12-alt1.p10
2022-07-29 00:00:00
Security fix for the ALT Linux 10 package golang version 1.18.4-alt1
2022-07-28 00:00:00
freebsd
freebsd
go -- multiple vulnerabilities
2022-07-12 00:00:00
suse
suse
Security update for go1.17 (moderate)
2022-04-26 00:00:00
Security update for go1.18 (important)
2022-08-04 00:00:00
Security update for go1.17 (important)
2022-08-04 00:00:00
amazon
amazon
Important: golist
2022-09-15 04:46:00
Important: golang-github-syndtr-gocapability
2022-10-17 21:46:00
Important: golang-github-gorilla-mux
2022-10-17 21:46:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

72.7%

JSON
Related for RHSA-2022:6187
redhat19rocky6nessus56almalinux6osv21cve3debiancve3ibm16alpinelinux3redhatcve3cbl_mariner6prion3veracode3ubuntucve3oraclelinux6cnvd1fedora5openvas19f51mageia2altlinux2freebsd1suse3amazon8