Lucene search
RedHatRHSA-2023:4335HistoryAug 08, 2023 - 12:34 a.m.
(RHSA-2023:4335) Important: Security Update for cert-manager Operator for Red Hat OpenShift 1.10.3
2023-08-0800:34:54
access.redhat.com
15
cert-manager
red hat openshift
kubernetes
certificate authorities
certificates
security update
cve-2023-24540
cve-2022-41723
cve-2022-41724
cve-2022-41725
cve-2023-24534
cve-2023-24536
cve-2023-24537
cve-2023-24538
cve-2023-24539
cve-2023-29400
0.02 Low
EPSS
Percentile
88.9%
The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities
and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide
certificates-as-a-service to developers working within your Kubernetes cluster.
Security Fix(es):
- golang: html/template: improper handling of JavaScript whitespace (CVE-2023-24540)
- net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
- golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)
- golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)
- golang: net/http, net/textproto: denial of service from excessive memory allocation (CVE-2023-24534)
- golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption (CVE-2023-24536)
- golang: go/parser: Infinite loop in parsing (CVE-2023-24537)
- golang: html/template: backticks not treated as string delimiters (CVE-2023-24538)
- golang: html/template: improper sanitization of CSS values (CVE-2023-24539)
- golang: html/template: improper handling of empty HTML attributes (CVE-2023-29400)
Related
redhat
redhat
nessus
nessus
CentOS 9 : skopeo-1.12.0-3.el9
2024-02-29 00:00:00
Ubuntu 23.04 : Go vulnerabilities (USN-6140-1)
2023-06-06 00:00:00
RHEL 9 : skopeo (RHSA-2023:6363)
2023-11-07 00:00:00
oraclelinux
oraclelinux
skopeo security update
2023-11-11 00:00:00
containernetworking-plugins security and bug fix update
2023-11-11 00:00:00
buildah security update
2023-11-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6140-1)
2023-06-07 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-2686)
2023-09-05 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-2356)
2023-07-17 00:00:00
osv
osv
Moderate: skopeo security update
2023-11-07 00:00:00
Moderate: containernetworking-plugins security and bug fix update
2023-11-07 00:00:00
Moderate: buildah security update
2023-11-07 00:00:00
ubuntu
ubuntu
Go vulnerabilities
2023-06-06 00:00:00
almalinux
almalinux
Moderate: containernetworking-plugins security and bug fix update
2023-11-07 00:00:00
Moderate: skopeo security update
2023-11-07 00:00:00
Moderate: buildah security update
2023-11-07 00:00:00
ibm
ibm
redos
redos
ROS-20240418-06
2024-04-18 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: openssl-3.0.9-1.fc38
2023-06-03 02:46:16
[SECURITY] Fedora 37 Update: openssl-3.0.9-1.fc37
2023-06-04 01:24:09
altlinux
altlinux
Security fix for the ALT Linux 10 package golang version 1.19.8-alt1
2023-04-10 00:00:00
Security fix for the ALT Linux 10 package golang version 1.19.9-alt1
2023-05-03 00:00:00
freebsd
freebsd
go -- multiple vulnerabilities
2023-04-04 00:00:00
mageia
mageia
Updated golang packages fix security vulnerability
2023-04-15 22:03:44
Updated golang packages fix security vulnerability
2023-05-16 22:17:40
amazon
amazon
Medium: openssl
2023-06-05 16:39:00
Medium: openssl
2023-06-05 16:39:00
Important: golang
2023-06-05 16:39:00
debian
debian
[SECURITY] [DLA 3449-1] openssl security update
2023-06-08 16:32:59
[SECURITY] [DSA 5417-1] openssl security update
2023-05-31 14:50:37