Filtered by vendor Redhat
Subscriptions
Filtered by product Logging
Subscriptions
Total
119 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-32149 | 2 Golang, Redhat | 10 Text, Acm, Container Native Virtualization and 7 more | 2024-08-03 | 7.5 High |
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse. | ||||
CVE-2022-32190 | 2 Golang, Redhat | 10 Go, Ceph Storage, Container Native Virtualization and 7 more | 2024-08-03 | 7.5 High |
JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. For example, JoinPath("https://go.dev", "../go") returns the URL "https://go.dev/../go", despite the JoinPath documentation stating that ../ path elements are removed from the result. | ||||
CVE-2022-32148 | 2 Golang, Redhat | 19 Go, Acm, Application Interconnect and 16 more | 2024-08-03 | 6.5 Medium |
Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. | ||||
CVE-2022-30631 | 2 Golang, Redhat | 21 Go, Acm, Advanced Cluster Security and 18 more | 2024-08-03 | 7.5 High |
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. | ||||
CVE-2022-30123 | 3 Debian, Rack Project, Redhat | 5 Debian Linux, Rack, Enterprise Linux and 2 more | 2024-08-03 | 10.0 Critical |
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack. | ||||
CVE-2022-27664 | 3 Fedoraproject, Golang, Redhat | 19 Fedora, Go, Acm and 16 more | 2024-08-03 | 7.5 High |
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. | ||||
CVE-2022-25883 | 2 Npmjs, Redhat | 10 Semver, Acm, Enterprise Linux and 7 more | 2024-08-03 | 5.3 Medium |
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range. | ||||
CVE-2022-24999 | 4 Debian, Openjsf, Qs Project and 1 more | 12 Debian Linux, Express, Qs and 9 more | 2024-08-03 | 7.5 High |
qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b&a[__proto__]&a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has "deps: qs@6.9.7" in its release description, is not vulnerable). | ||||
CVE-2022-21698 | 4 Fedoraproject, Prometheus, Rdo Project and 1 more | 17 Extra Packages For Enterprise Linux, Fedora, Client Golang and 14 more | 2024-08-03 | 7.5 High |
client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`; not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods. | ||||
CVE-2022-2880 | 2 Golang, Redhat | 20 Go, Acm, Ceph Storage and 17 more | 2024-08-03 | 7.5 High |
Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged. | ||||
CVE-2022-2879 | 2 Golang, Redhat | 16 Go, Container Native Virtualization, Devtools and 13 more | 2024-08-03 | 7.5 High |
Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. | ||||
CVE-2022-1705 | 2 Golang, Redhat | 22 Go, Acm, Application Interconnect and 19 more | 2024-08-03 | 6.5 Medium |
Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. | ||||
CVE-2022-0759 | 1 Redhat | 3 Kubeclient, Logging, Satellite | 2024-08-02 | 8.1 High |
A flaw was found in all versions of kubeclient up to (but not including) v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate (it wrongly returns VERIFY_NONE). Ruby applications that leverage kubeclient to parse kubeconfig files are susceptible to Man-in-the-middle attacks (MITM). | ||||
CVE-2022-0552 | 1 Redhat | 2 Logging, Origin-aggregated-logging | 2024-08-02 | 5.9 Medium |
A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. The vulnerable netty-codec-http maven package was not removed from the image content. This flaw affects origin-aggregated-logging versions 3.11. | ||||
CVE-2023-51042 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux, Logging and 2 more | 2024-08-02 | 7.8 High |
In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free. | ||||
CVE-2023-46218 | 3 Fedoraproject, Haxx, Redhat | 7 Fedora, Curl, Enterprise Linux and 4 more | 2024-08-02 | 6.5 Medium |
This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain. | ||||
CVE-2023-45289 | 1 Redhat | 10 Advanced Cluster Security, Enterprise Linux, Logging and 7 more | 2024-08-02 | 5.3 Medium |
When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded. | ||||
CVE-2023-45290 | 1 Redhat | 18 Advanced Cluster Security, Ansible Automation Platform, Cryostat and 15 more | 2024-08-02 | 5.3 Medium |
When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines. | ||||
CVE-2024-28849 | 1 Redhat | 9 Advanced Cluster Security, Ansible Automation Platform, Logging and 6 more | 2024-08-02 | 6.5 Medium |
follow-redirects is an open source, drop-in replacement for Node's `http` and `https` modules that automatically follows redirects. In affected versions follow-redirects only clears authorization header during cross-domain redirect, but keep the proxy-authentication header which contains credentials too. This vulnerability may lead to credentials leak, but has been addressed in version 1.15.6. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
CVE-2023-39326 | 2 Golang, Redhat | 20 Go, Ansible Automation Platform, Cryostat and 17 more | 2024-08-02 | 5.3 Medium |
A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small. |