Showing 1 - 25 of 41

CVE-2022-1705

Status Candidate

Overview

Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid.

Related Files

Ubuntu Security Notice USN-6038-2: Posted Jan 9, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6038-2 - USN-6038-1 fixed several vulnerabilities in Go 1.18. This update provides the corresponding updates for Go 1.13 and Go 1.16. CVE-2022-29526 and CVE-2022-30630 only affected Go 1.16. It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack.; tags | advisory, remote, web, vulnerability; systems | linux, ubuntu; advisories | CVE-2022-1705, CVE-2022-28131, CVE-2022-2879, CVE-2022-2880, CVE-2022-29526, CVE-2022-30629, CVE-2022-30631, CVE-2022-30633, CVE-2022-32148, CVE-2022-41717, CVE-2023-24537, CVE-2023-24538; SHA-256 | 96428fafe2ad31ad48b8e46a45e50a86a01fb944d7fa801a9d326ac37683dc05; Download | Favorite | View

Red Hat Security Advisory 2023-3664-01: Posted Jun 19, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3664-01 - Release of Security Advisory for the OpenShift Jenkins image and Jenkins agent base image.; tags | advisory; systems | linux, redhat; advisories | CVE-2021-3782, CVE-2021-46848, CVE-2022-1304, CVE-2022-1705, CVE-2022-2795, CVE-2022-28327, CVE-2022-2880, CVE-2022-32148, CVE-2022-35737, CVE-2022-36227, CVE-2022-3627, CVE-2022-3970, CVE-2022-41715, CVE-2022-41717; SHA-256 | dd336c3e2dc2db105e105127e1f2bbf79335a56f544ed3b31f07727c470cb571; Download | Favorite | View

Red Hat Security Advisory 2023-3644-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3644-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release.; tags | advisory; systems | linux, redhat; advisories | CVE-2021-4235, CVE-2022-1705, CVE-2022-27664, CVE-2022-2795, CVE-2022-2879, CVE-2022-2880, CVE-2022-2995, CVE-2022-30631, CVE-2022-3162, CVE-2022-3172, CVE-2022-3204, CVE-2022-32148, CVE-2022-32189, CVE-2022-32190; SHA-256 | d08e0901464777bd733a3a8059ea4b335dfa9bfe8b9bacda0a47df5480ff08a7; Download | Favorite | View

Red Hat Security Advisory 2023-3642-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3642-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. This new container image is based on Red Hat Ceph Storage 6.1 and Red Hat Enterprise Linux 9. Issues addressed include bypass, cross site scripting, denial of service, information leakage, spoofing, and traversal vulnerabilities.; tags | advisory, denial of service, spoof, vulnerability, xss; systems | linux, redhat; advisories | CVE-2021-42581, CVE-2022-1650, CVE-2022-1705, CVE-2022-21680, CVE-2022-21681, CVE-2022-24675, CVE-2022-24785, CVE-2022-26148, CVE-2022-27664, CVE-2022-28131, CVE-2022-28327, CVE-2022-2880, CVE-2022-29526, CVE-2022-30629; SHA-256 | 299c64208e7b0372bf38a7af4b78ae479c755f82d2b80c7932c562b81810811a; Download | Favorite | View

Red Hat Security Advisory 2023-2802-01: Posted May 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-2802-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include denial of service and information leakage vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2022-1705, CVE-2022-1962, CVE-2022-27664, CVE-2022-28131, CVE-2022-2989, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32148, CVE-2022-32189, CVE-2022-41717, CVE-2023-0778; SHA-256 | e47c4f8b21275ef5c2cc58d0d337046d3976f3de650141265c4f04536b01624e; Download | Favorite | View

Red Hat Security Advisory 2023-2758-01: Posted May 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-2758-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2022-1705, CVE-2022-1962, CVE-2022-27664, CVE-2022-28131, CVE-2022-30629, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32148, CVE-2022-32189, CVE-2022-41717, CVE-2023-0778; SHA-256 | d2e741f4926f71e10875fbefad5ecd7d9f531fe7fce7097fb834dc510678f357; Download | Favorite | View

Red Hat Security Advisory 2023-2357-01: Posted May 9, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-2357-01 - Git Large File Storage replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Issues addressed include a denial of service vulnerability.; tags | advisory, remote, denial of service; systems | linux, redhat; advisories | CVE-2022-1705, CVE-2022-27664, CVE-2022-2880, CVE-2022-30630, CVE-2022-30632, CVE-2022-30635, CVE-2022-32148, CVE-2022-32189, CVE-2022-41715, CVE-2022-41717; SHA-256 | 9140faf074cda7ac19efb48b3148896fb61acf0a9b2cbb63cd55a246caf4594a; Download | Favorite | View

Red Hat Security Advisory 2023-2041-01: Posted Apr 27, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-2041-01 - Migration Toolkit for Applications 6.1.0 Images. Issues addressed include denial of service, privilege escalation, server-side request forgery, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2021-4235, CVE-2022-1705, CVE-2022-27664, CVE-2022-2879, CVE-2022-2880, CVE-2022-2995, CVE-2022-30631, CVE-2022-3162, CVE-2022-31690, CVE-2022-3172, CVE-2022-32148, CVE-2022-32189, CVE-2022-32190, CVE-2022-3259; SHA-256 | cdceaf94ffb5f08d7907643b99fcb01c885eb8b1a5f5162002e04ee9e67c6574; Download | Favorite | View

Ubuntu Security Notice USN-6038-1: Posted Apr 25, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6038-1 - It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting into a denial of service.; tags | advisory, remote, web, denial of service; systems | linux, ubuntu; advisories | CVE-2022-1705, CVE-2022-28131, CVE-2022-2879, CVE-2022-2880, CVE-2022-29526, CVE-2022-30629, CVE-2022-30630, CVE-2022-30633, CVE-2022-30635, CVE-2022-32148, CVE-2022-41717, CVE-2023-24534, CVE-2023-24538; SHA-256 | d693c7af1fb087931225b61859ba4862bde511f2a7551346eb8eb6777bf0309d; Download | Favorite | View

Red Hat Security Advisory 2023-1529-01: Posted Mar 30, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-1529-01 - Service Telemetry Framework provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring. Issues addressed include a denial of service vulnerability.; tags | advisory, remote, denial of service; systems | linux, redhat; advisories | CVE-2022-1705, CVE-2022-23772, CVE-2022-23773, CVE-2022-23806, CVE-2022-24675, CVE-2022-27664, CVE-2022-28327, CVE-2022-29526, CVE-2022-30629, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-32189, CVE-2022-41715; SHA-256 | 076cb56938e56f5592e65cea88fd4e9701c30fce49bfb1b10a1802daa15305ca; Download | Favorite | View

Red Hat Security Advisory 2023-1428-01: Posted Mar 24, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-1428-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include denial of service, traversal, and unsanitized input vulnerabilities.; tags | advisory, web, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2020-10735, CVE-2020-36567, CVE-2021-28861, CVE-2021-4235, CVE-2022-1705, CVE-2022-23521, CVE-2022-24999, CVE-2022-25881, CVE-2022-25927, CVE-2022-27664, CVE-2022-2879, CVE-2022-2880, CVE-2022-2995, CVE-2022-30631; SHA-256 | cc950d2ab43d2f93dae3bec701ae554c28379d039ec26d5027d656ff0b9558b0; Download | Favorite | View

Red Hat Security Advisory 2023-1275-01: Posted Mar 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-1275-01 - An update for etcd is now available for Red Hat OpenStack Platform. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2022-1705, CVE-2022-27664, CVE-2022-2880, CVE-2022-30629, CVE-2022-30630, CVE-2022-30632, CVE-2022-30635, CVE-2022-3064, CVE-2022-32148, CVE-2022-32189, CVE-2022-41715, CVE-2022-41717; SHA-256 | d066674ef76779d85d203477eb3b6fa620ffdcbf7da90af5ab48dfdcfd299f79; Download | Favorite | View

Red Hat Security Advisory 2023-1042-01: Posted Mar 7, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-1042-01 - Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-1705, CVE-2022-1962, CVE-2022-27664, CVE-2022-28131, CVE-2022-28327, CVE-2022-2879, CVE-2022-2880, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32148, CVE-2022-32149; SHA-256 | f399dcb2538382b0da653070530d24a988f6311382debb5d7ef4ab333944715b; Download | Favorite | View

Red Hat Security Advisory 2023-0542-01: Posted Jan 31, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0542-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release. Issues addressed include denial of service and spoofing vulnerabilities.; tags | advisory, denial of service, spoof, vulnerability; systems | linux, redhat; advisories | CVE-2016-3709, CVE-2021-23648, CVE-2021-4238, CVE-2021-46848, CVE-2022-1304, CVE-2022-1705, CVE-2022-1962, CVE-2022-21673, CVE-2022-21698, CVE-2022-21702, CVE-2022-21703, CVE-2022-21713, CVE-2022-22624, CVE-2022-22628; SHA-256 | d0ec81ac694e922500234d90eb37e90222ddaf5b72118f0b1c21008e8f27c7e2; Download | Favorite | View

Red Hat Security Advisory 2023-0407-01: Posted Jan 25, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0407-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.12.0 RPMs. Issues addressed include denial of service and out of bounds read vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2021-38561, CVE-2021-44716, CVE-2021-44717, CVE-2022-1705, CVE-2022-1962, CVE-2022-24921, CVE-2022-28131, CVE-2022-30629, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32148; SHA-256 | 317fa3eb9235d943a4cc6374542abc73ed837646f1e28fee7e0ca8baeefb135f; Download | Favorite | View

Red Hat Security Advisory 2022-7399-01: Posted Jan 18, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-7399-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.0. Issues addressed include denial of service, memory leak, and out of bounds read vulnerabilities.; tags | advisory, denial of service, vulnerability, memory leak; systems | linux, redhat; advisories | CVE-2021-22570, CVE-2021-38561, CVE-2021-4235, CVE-2022-1705, CVE-2022-21698, CVE-2022-24302, CVE-2022-27664, CVE-2022-2879, CVE-2022-2880, CVE-2022-2995, CVE-2022-30631, CVE-2022-3162, CVE-2022-3172, CVE-2022-32148; SHA-256 | e13aef52399a1f4fa930dd8b8bf1a89fd110f6137aebfab4ca96512890bd402c; Download | Favorite | View

Red Hat Security Advisory 2022-8626-01: Posted Nov 29, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-8626-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.17. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2022-1705, CVE-2022-27664, CVE-2022-32148, CVE-2022-32189; SHA-256 | 3226a1aaccaa257c4973e3c58c096450b2fdf3782e2edd86c434b1dcca51d3a3; Download | Favorite | View

Red Hat Security Advisory 2022-8250-01: Posted Nov 16, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-8250-01 - The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-1705, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30635, CVE-2022-32148; SHA-256 | 763ca001b832a7eeb70226b1d2de4dd230c6013bc449a144b018b3485f826480; Download | Favorite | View

Red Hat Security Advisory 2022-8098-01: Posted Nov 16, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-8098-01 - Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-1705, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632; SHA-256 | 896c52820d29c6247a9c4858eb4c3557cfc4c421ac3dbfbc2b20b4c0e0adbcff; Download | Favorite | View

Red Hat Security Advisory 2022-8057-01: Posted Nov 15, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-8057-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Issues addressed include cross site request forgery, cross site scripting, denial of service, information leakage, and privilege escalation vulnerabilities.; tags | advisory, denial of service, vulnerability, xss, csrf; systems | linux, redhat; advisories | CVE-2021-23648, CVE-2022-1705, CVE-2022-1962, CVE-2022-21673, CVE-2022-21698, CVE-2022-21702, CVE-2022-21703, CVE-2022-21713, CVE-2022-28131, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635; SHA-256 | 3ee16e49a8baf9378c63381be5115444e228ecd6a3b4ae465fcf1331c83fb783; Download | Favorite | View

Red Hat Security Advisory 2022-7648-01: Posted Nov 8, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-7648-01 - The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-1705, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30635, CVE-2022-32148; SHA-256 | 9b8c628f6c3226ccbc21a1b84fbb4fa246dc644fd56736fe0e9943bb4f346499; Download | Favorite | View

Red Hat Security Advisory 2022-7529-01: Posted Nov 8, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-7529-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include denial of service and memory exhaustion vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2022-1705, CVE-2022-1708, CVE-2022-1962, CVE-2022-21698, CVE-2022-28131, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-32148; SHA-256 | 86d402cba3309d240b303fd054f614420e400a922614407e5d24ebed38d6c057; Download | Favorite | View

Red Hat Security Advisory 2022-7519-01: Posted Nov 8, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-7519-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Issues addressed include cross site request forgery, cross site scripting, denial of service, information leakage, and privilege escalation vulnerabilities.; tags | advisory, denial of service, vulnerability, xss, csrf; systems | linux, redhat; advisories | CVE-2021-23648, CVE-2022-1705, CVE-2022-1962, CVE-2022-21673, CVE-2022-21698, CVE-2022-21702, CVE-2022-21703, CVE-2022-21713, CVE-2022-28131, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635; SHA-256 | 3e15d8d2daf7a09f7541e03f3086b2da3507f9323e80ae6e10ec506f6426e5c7; Download | Favorite | View

Red Hat Security Advisory 2022-7129-01: Posted Oct 25, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-7129-01 - Git Large File Storage replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Issues addressed include a denial of service vulnerability.; tags | advisory, remote, denial of service; systems | linux, redhat; advisories | CVE-2020-28851, CVE-2020-28852, CVE-2022-1705, CVE-2022-27664, CVE-2022-30630, CVE-2022-30632, CVE-2022-30635, CVE-2022-32148, CVE-2022-32189; SHA-256 | 271ab07056668c5b709d9b3ecb43837a541fcd7a85c6db2ee4599a1910871f51; Download | Favorite | View

Red Hat Security Advisory 2022-6430-01: Posted Sep 13, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-6430-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2021-3634, CVE-2021-40528, CVE-2022-1271, CVE-2022-1292, CVE-2022-1586, CVE-2022-1705, CVE-2022-1962, CVE-2022-2068, CVE-2022-2097, CVE-2022-21698, CVE-2022-24675, CVE-2022-2526, CVE-2022-25313, CVE-2022-25314; SHA-256 | 4f2de101a63895ce93b93d579c8522dbea6333fada1258ba314335efd601e058; Download | Favorite | View

Page 1 of 2 Back 1 2 Next

Top Authors In Last 30 Days

Red Hat 294 files
Ubuntu 64 files
Debian 24 files
Apple 14 files
LiquidWorm 12 files
Gentoo 8 files
Google Security Research 4 files
Andrey Stoykov 3 files
Jann Horn 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,171)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,070)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,426)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,010)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2022-1705

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems