VDB
RHSA-2022%3A0431
RHSA-2022%3A0431
PUBLISHED
CVSS 7.300000190734863 HIGH
A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Risk Scores
CVSS 3.1
7.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | advanced-cluster-security/rhacs-docs-rhel8@sha256:1c890ec418d66ccf23fc32e5af34aaf12c1276b7268555d1cbe7bb0d07f84755_amd64 as a component of RHACS 3.68 for RHEL 8 | advanced-cluster-security/rhacs-docs-rhel8@sha256:1c890ec418d66ccf23fc32e5af34aaf12c1276b7268555d1cbe7bb0d07f84755_amd64 |
| Red Hat | advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:3b56c2e9baf6cf5973ecf46e58d5911e124f690d0ecad4c82b8bffd347691a03_amd64 as a component of RHACS 3.68 for RHEL 8 | advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:3b56c2e9baf6cf5973ecf46e58d5911e124f690d0ecad4c82b8bffd347691a03_amd64 |
| Red Hat | advanced-cluster-security/rhacs-scanner-rhel8@sha256:eca5c5e7bf69bc0d2771f290d7b8157126df0ceccf805cbfc8d48acb678f46e7_amd64 as a component of RHACS 3.68 for RHEL 8 | advanced-cluster-security/rhacs-scanner-rhel8@sha256:eca5c5e7bf69bc0d2771f290d7b8157126df0ceccf805cbfc8d48acb678f46e7_amd64 |
| Red Hat | advanced-cluster-security/rhacs-main-rhel8@sha256:ed3b8893f11372df168da1b222cc12f3dc76e165118737073de5f435659c78e6_amd64 as a component of RHACS 3.68 for RHEL 8 | advanced-cluster-security/rhacs-main-rhel8@sha256:ed3b8893f11372df168da1b222cc12f3dc76e165118737073de5f435659c78e6_amd64 |
| Red Hat | advanced-cluster-security/rhacs-rhel8-operator@sha256:8c054f058e80f1218f2b05d45fc876fd6a41bebe138f3eff696d2af6bdff64e2_amd64 as a component of RHACS 3.68 for RHEL 8 | advanced-cluster-security/rhacs-rhel8-operator@sha256:8c054f058e80f1218f2b05d45fc876fd6a41bebe138f3eff696d2af6bdff64e2_amd64 |
| Red Hat | advanced-cluster-security/rhacs-operator-bundle@sha256:1178a22943998e0a740d7f89d15244d4b1500376493fb84b652fe1ba998bf1d3_amd64 as a component of RHACS 3.68 for RHEL 8 | advanced-cluster-security/rhacs-operator-bundle@sha256:1178a22943998e0a740d7f89d15244d4b1500376493fb84b652fe1ba998bf1d3_amd64 |
| Red Hat | advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e09753e78c7854cbe976289127a6f150706cf4c959accd557b6dbf50b95edf8b_amd64 as a component of RHACS 3.68 for RHEL 8 | advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e09753e78c7854cbe976289127a6f150706cf4c959accd557b6dbf50b95edf8b_amd64 |
| Red Hat | advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bec259b5478ff5bb220acb11887bc83bef35ac0ebb3f765683556174a159f5ad_amd64 as a component of RHACS 3.68 for RHEL 8 | advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bec259b5478ff5bb220acb11887bc83bef35ac0ebb3f765683556174a159f5ad_amd64 |
| Red Hat | advanced-cluster-security/rhacs-collector-rhel8@sha256:cd11379439dab7e64972824a5bae2e51e7c3d2a2b7e7a193813497709b71ec19_amd64 as a component of RHACS 3.68 for RHEL 8 | advanced-cluster-security/rhacs-collector-rhel8@sha256:cd11379439dab7e64972824a5bae2e51e7c3d2a2b7e7a193813497709b71ec19_amd64 |
Timeline
- Feb 3, 2022 CVE Published
- Apr 29, 2026 CVE Updated
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2022:0431 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1992006 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0431.json advisory
- https://access.redhat.com/security/cve/CVE-2021-29923 advisory
- https://www.cve.org/CVERecord?id=CVE-2021-29923 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-29923 advisory
- https://sick.codes/sick-2021-016/ advisory