Description
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Go standard library | encoding/xml | unaffected |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
Configuration 3 [-]
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| Application Interconnect 1 for RHEL 8 | |||
| skupper-cli-0:1.0.2-2.el8 | cpe:/a:redhat:application_interconnect:1::el8 | RHSA-2022:6113 | 2022-08-18T00:00:00Z |
| Multicluster Engine for Kubernetes | |||
| multicluster-engine-agent-service-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-apiserver-network-proxy-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-assisted-image-service-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-assisted-installer-agent-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-assisted-installer-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-assisted-installer-reporter-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-aws-encryption-provider-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-cluster-api-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-cluster-api-provider-agent-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-cluster-api-provider-aws-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-cluster-api-provider-azure-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-cluster-api-provider-kubevirt-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-clusterclaims-controller-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-cluster-curator-controller-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-clusterlifecycle-state-metrics-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-cluster-proxy-addon-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-cluster-proxy-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-console-mce-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-discovery-operator-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-hive-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-hypershift-addon-operator-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-hypershift-deployment-controller-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-hypershift-operator-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-klusterlet-operator-bundle-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-managedcluster-import-controller-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-managed-serviceaccount-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-multicloud-manager-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-must-gather-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-operator-bundle-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-operator-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-placement-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-provider-credential-controller-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-registration-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-registration-operator-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| multicluster-engine-work-container | cpe:/a:redhat:multicluster_engine:2.1::el8 | RHSA-2022:6345 | 2022-09-06T00:00:00Z |
| Node Maintenance Operator 4.11 for RHEL 8 | |||
| workload-availability/node-maintenance-rhel8-operator:v4.11.1-1 | cpe:/a:redhat:workload_availability_nmo:4.11::el8 | RHSA-2022:6188 | 2022-08-25T00:00:00Z |
| OpenShift Custom Metrics Autoscaler 2 | |||
| custom-metrics-autoscaler-tech-preview/custom-metrics-autoscaler-rhel8:2.8.2-143 | cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.0::el8 | RHSA-2023:1042 | 2023-03-06T00:00:00Z |
| Openshift Serveless 1.24 | |||
| openshift-serverless-1/client-kn-rhel8:1.3.1-4 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-controller-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-kafka-broker-controller-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-kafka-broker-post-install-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-kafka-broker-webhook-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-mtbroker-filter-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-mtbroker-ingress-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-mtchannel-broker-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-mtping-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-storage-version-migration-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-sugar-controller-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/eventing-webhook-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/ingress-rhel8-operator:1.24.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/knative-rhel8-operator:1.24.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/kn-cli-artifacts-rhel8:1.3.1-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/kourier-control-rhel8:1.3.0-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/net-istio-controller-rhel8:1.3.0-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/net-istio-webhook-rhel8:1.3.0-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/serverless-operator-bundle:1.24.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/serverless-rhel8-operator:1.24.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/serving-activator-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/serving-autoscaler-hpa-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/serving-autoscaler-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/serving-controller-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/serving-domain-mapping-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/serving-domain-mapping-webhook-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/serving-queue-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/serving-storage-version-migration-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/serving-webhook-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1/svls-must-gather-rhel8:1.24.0-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
| Openshift Serverless 1 on RHEL 8 | |||
| openshift-serverless-clients-0:1.3.1-4.el8 | cpe:/a:redhat:serverless:1.0::el8 | RHSA-2022:6042 | 2022-08-10T00:00:00Z |
| OSSO-1.1-RHEL-8 | |||
| openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8:v1.1-11 | cpe:/a:redhat:openshift_secondary_scheduler:1.1::el8 | RHSA-2022:6152 | 2022-09-01T00:00:00Z |
| Red Hat Advanced Cluster Management for Kubernetes 2 | |||
| gatekeeper-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:6348 | 2022-09-06T00:00:00Z |
| gatekeeper-operator-bundle-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:6348 | 2022-09-06T00:00:00Z |
| gatekeeper-operator-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:6348 | 2022-09-06T00:00:00Z |
| lighthouse-agent-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6346 | 2022-09-06T00:00:00Z |
| lighthouse-coredns-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6346 | 2022-09-06T00:00:00Z |
| nettest-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6346 | 2022-09-06T00:00:00Z |
| subctl-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6346 | 2022-09-06T00:00:00Z |
| submariner-gateway-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6346 | 2022-09-06T00:00:00Z |
| submariner-globalnet-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6346 | 2022-09-06T00:00:00Z |
| submariner-networkplugin-syncer-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6346 | 2022-09-06T00:00:00Z |
| submariner-operator-bundle-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6346 | 2022-09-06T00:00:00Z |
| submariner-operator-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6346 | 2022-09-06T00:00:00Z |
| submariner-route-agent-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6346 | 2022-09-06T00:00:00Z |
| volsync-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6347 | 2022-09-06T00:00:00Z |
| volsync-mover-rclone-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6347 | 2022-09-06T00:00:00Z |
| volsync-mover-restic-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6347 | 2022-09-06T00:00:00Z |
| volsync-mover-rsync-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6347 | 2022-09-06T00:00:00Z |
| volsync-mover-syncthing-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6347 | 2022-09-06T00:00:00Z |
| volsync-operator-bundle-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6347 | 2022-09-06T00:00:00Z |
| acm-governance-policy-addon-controller-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| acm-grafana-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| acm-must-gather-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| acm-operator-bundle-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| acm-prometheus-config-reloader-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| acm-prometheus-operator-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| acm-volsync-addon-controller-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| cert-policy-controller-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| cluster-backup-operator-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| config-policy-controller-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| console-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| endpoint-monitoring-operator-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| governance-policy-propagator-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| governance-policy-spec-sync-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| governance-policy-status-sync-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| governance-policy-template-sync-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| grafana-dashboard-loader-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| iam-policy-controller-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| insights-client-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| insights-metrics-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| klusterlet-addon-controller-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| kube-rbac-proxy-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| kube-state-metrics-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| management-ingress-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| memcached-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| memcached-exporter-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| metrics-collector-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| multicloud-integrations-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| multiclusterhub-operator-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| multiclusterhub-repo-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| multicluster-observability-operator-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| multicluster-operators-application-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| multicluster-operators-channel-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| multicluster-operators-subscription-operator-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| node-exporter-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| observatorium-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| observatorium-operator-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| prometheus-alertmanager-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| prometheus-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| rbac-query-proxy-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| redisgraph-tls-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| search-aggregator-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| search-api-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| search-collector-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| search-operator-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| submariner-addon-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| thanos-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| thanos-receive-controller-container | cpe:/a:redhat:acm:2.6::el8 | RHSA-2022:6370 | 2022-09-06T00:00:00Z |
| Red Hat Ceph Storage 6.1 | |||
| rhceph/rhceph-6-dashboard-rhel9:6-75 | cpe:/a:redhat:ceph_storage:6.1::el9 | RHSA-2023:3642 | 2023-06-15T00:00:00Z |
| Red Hat Developer Tools | |||
| go-toolset-1.17-golang-0:1.17.12-1.el7_9 | cpe:/a:redhat:devtools:2022 | RHSA-2022:5866 | 2022-08-02T00:00:00Z |
| Red Hat Enterprise Linux 8 | |||
| go-toolset:rhel8-8060020220720230014.97d7f71f | cpe:/a:redhat:enterprise_linux:8 | RHSA-2022:5775 | 2022-08-01T00:00:00Z |
| grafana-0:7.5.15-3.el8 | cpe:/a:redhat:enterprise_linux:8 | RHSA-2022:7519 | 2022-11-08T00:00:00Z |
| container-tools:3.0-8070020220802115906.39077419 | cpe:/a:redhat:enterprise_linux:8 | RHSA-2022:7529 | 2022-11-08T00:00:00Z |
| container-tools:rhel8-8080020230321153727.0f77c1b7 | cpe:/a:redhat:enterprise_linux:8 | RHSA-2023:2758 | 2023-05-16T00:00:00Z |
| container-tools:4.0-8080020230217080101.8108cfbc | cpe:/a:redhat:enterprise_linux:8 | RHSA-2023:2802 | 2023-05-16T00:00:00Z |
| Red Hat Enterprise Linux 9 | |||
| golang-0:1.17.12-1.el9_0 | cpe:/a:redhat:enterprise_linux:9 | RHSA-2022:5799 | 2022-08-01T00:00:00Z |
| grafana-0:7.5.15-3.el9 | cpe:/a:redhat:enterprise_linux:9 | RHSA-2022:8057 | 2022-11-15T00:00:00Z |
| Red Hat Migration Toolkit for Containers 1.7 | |||
| rhmtc/openshift-migration-velero-rhel8:v1.7.6-5 | cpe:/a:redhat:rhmt:1.7::el8 | RHSA-2022:9047 | 2022-12-15T00:00:00Z |
| Red Hat OpenShift Service Mesh 2.2 for RHEL 8 | |||
| openshift-service-mesh/istio-cni-rhel8:2.2.2-7 | cpe:/a:redhat:service_mesh:2.2::el8 | RHSA-2022:6283 | 2022-08-31T00:00:00Z |
| openshift-service-mesh/istio-rhel8-operator:2.2.2-8 | cpe:/a:redhat:service_mesh:2.2::el8 | RHSA-2022:6283 | 2022-08-31T00:00:00Z |
| openshift-service-mesh/pilot-rhel8:2.2.2-7 | cpe:/a:redhat:service_mesh:2.2::el8 | RHSA-2022:6283 | 2022-08-31T00:00:00Z |
| openshift-service-mesh/prometheus-rhel8:2.2.2-4 | cpe:/a:redhat:service_mesh:2.2::el8 | RHSA-2022:6283 | 2022-08-31T00:00:00Z |
| openshift-service-mesh/proxyv2-rhel8:2.2.2-8 | cpe:/a:redhat:service_mesh:2.2::el8 | RHSA-2022:6283 | 2022-08-31T00:00:00Z |
| openshift-service-mesh/ratelimit-rhel8:2.2.2-4 | cpe:/a:redhat:service_mesh:2.2::el8 | RHSA-2022:6283 | 2022-08-31T00:00:00Z |
| RHEL-7-CNV-4.12 | |||
| kubevirt-0:4.12.0-1057.el7 | cpe:/a:redhat:container_native_virtualization:4.12::el7 | RHSA-2023:0407 | 2023-01-24T00:00:00Z |
| RHEL-8-CNV-4.12 | |||
| kubevirt-0:4.12.0-1057.el8 | cpe:/a:redhat:container_native_virtualization:4.12::el8 | RHSA-2023:0407 | 2023-01-24T00:00:00Z |
| container-native-virtualization/virt-api:v4.12.0-255 | cpe:/a:redhat:container_native_virtualization:4.12::el8 | RHSA-2023:0408 | 2023-01-25T00:00:00Z |
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2022-32613 | Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document. |
 Ubuntu USN |
USN-6038-1 | Go vulnerabilities |
| Ubuntu USN |
USN-6038-2 | Go vulnerabilities |
References
History
Wed, 16 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Thu, 13 Feb 2025 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Redhat workload Availability Nmo
|
|
| CPEs | cpe:/a:redhat:workload_availability_nmo:4.11::el8 | |
| Vendors & Products |
Redhat workload Availability Node Maintenance
|
Redhat workload Availability Nmo
|
Sun, 08 Sep 2024 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Redhat acm
Redhat multicluster Engine |
|
| CPEs | cpe:/a:redhat:acm:2.5::el8 cpe:/a:redhat:acm:2.6::el8 cpe:/a:redhat:multicluster_engine:2.1::el8 |
|
| Vendors & Products |
Redhat acm
Redhat multicluster Engine |
Mon, 19 Aug 2024 22:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:/a:redhat:acm:2.6::el8 cpe:/a:redhat:multicluster_engine:2.1::el8 |
|
| Vendors & Products |
Redhat acm
Redhat multicluster Engine |
Subscriptions
Fedoraproject
Subscribe
Fedora
Subscribe
Golang
Subscribe
Go
Subscribe
Netapp
Subscribe
Cloud Insights Telegraf
Subscribe
Redhat
Subscribe
Acm
Subscribe
Application Interconnect
Subscribe
Ceph Storage
Subscribe
Container Native Virtualization
Subscribe
Devtools
Subscribe
Enterprise Linux
Subscribe
Multicluster Engine
Subscribe
Openshift Custom Metrics Autoscaler
Subscribe
Openshift Secondary Scheduler
Subscribe
Rhmt
Subscribe
Serverless
Subscribe
Service Mesh
Subscribe
Workload Availability Nmo
Subscribe
MITRE
Status: PUBLISHED
Assigner: Go
Published:
Updated: 2024-08-03T05:48:36.830Z
Reserved: 2022-03-29T00:00:00.000Z
Link: CVE-2022-28131
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-08-10T20:15:32.767
Modified: 2024-11-21T06:56:48.570
Link: CVE-2022-28131
Redhat
OpenCVE Enrichment
No data.