VDB

RHSA-2022%3A5704

RHSA-2022%3A5704 PUBLISHED CVSS 8 HIGH

A flaw was found in go-tuf. This flaw allows an attacker to cause clients to install older software than the software the client previously knew to be available and may include software with known vulnerabilities.

Risk Scores

CVSS 3.1
8
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Red Hatadvanced-cluster-security/rhacs-rhel8-operator@sha256:a24567c3e3e46fd73a31bf484857f677cc1df7744a20dbaa56cd3a1166100bca_amd64 as a component of RHACS 3.71 for RHEL 8advanced-cluster-security/rhacs-rhel8-operator@sha256:a24567c3e3e46fd73a31bf484857f677cc1df7744a20dbaa56cd3a1166100bca_amd64
Red Hatadvanced-cluster-security/rhacs-collector-rhel8@sha256:7dae7101375d853f1e92abb2ea329aff92facd173aa2e59e55da90b69c0505ea_amd64 as a component of RHACS 3.71 for RHEL 8*
Red Hatadvanced-cluster-security/rhacs-scanner-db-rhel8@sha256:706eb733801c1755d8a18c176119e3e95680427029110aa2e7c000dde16922fc_amd64 as a component of RHACS 3.71 for RHEL 8advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:706eb733801c1755d8a18c176119e3e95680427029110aa2e7c000dde16922fc_amd64
Red Hatadvanced-cluster-security/rhacs-roxctl-rhel8@sha256:5dffeaa08c48336a8363e6f76cd1170591d18eaf53fb41ae43dc9fdd78a81f8c_amd64 as a component of RHACS 3.71 for RHEL 8*
Red Hatadvanced-cluster-security/rhacs-scanner-rhel8@sha256:ae823c0359aa1e3b6996555e75f8a807d24d72a68b18bb3f9de0dbd2be5b4001_amd64 as a component of RHACS 3.71 for RHEL 8advanced-cluster-security/rhacs-scanner-rhel8@sha256:ae823c0359aa1e3b6996555e75f8a807d24d72a68b18bb3f9de0dbd2be5b4001_amd64
Red Hatadvanced-cluster-security/rhacs-main-rhel8@sha256:08e9819d6dc2313821df014d2874aa0435b07f16231b97ac4cb610b529ca3aeb_amd64 as a component of RHACS 3.71 for RHEL 8*
Red Hatadvanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fa5c69255d4d43a6d04455b310499bf736bc65ca53cc9c8f36e17e9e85f55124_amd64 as a component of RHACS 3.71 for RHEL 8advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fa5c69255d4d43a6d04455b310499bf736bc65ca53cc9c8f36e17e9e85f55124_amd64
Red Hatadvanced-cluster-security/rhacs-docs-rhel8@sha256:d9cd05afc5f922f7e3d7e121a8b5d33023c969c8e4ad33e4980dc024fe4aa4e1_amd64 as a component of RHACS 3.71 for RHEL 8advanced-cluster-security/rhacs-docs-rhel8@sha256:d9cd05afc5f922f7e3d7e121a8b5d33023c969c8e4ad33e4980dc024fe4aa4e1_amd64
Red Hatadvanced-cluster-security/rhacs-operator-bundle@sha256:e84cda106657d350068a5632fba8c2d858a19de109da9795a1d0b77e26c3b338_amd64 as a component of RHACS 3.71 for RHEL 8advanced-cluster-security/rhacs-operator-bundle@sha256:e84cda106657d350068a5632fba8c2d858a19de109da9795a1d0b77e26c3b338_amd64
Red Hatadvanced-cluster-security/rhacs-collector-slim-rhel8@sha256:5ca826d30594df2664e1ce750a3523e756cdfea2f1d3d0ff9e9eb6f4781ce075_amd64 as a component of RHACS 3.71 for RHEL 8advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:5ca826d30594df2664e1ce750a3523e756cdfea2f1d3d0ff9e9eb6f4781ce075_amd64
Red Hatadvanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8b2b996474530a4cf9a8269f3a1ccb944a9d898f842748a2c9d9e91a74f0454c_amd64 as a component of RHACS 3.71 for RHEL 8*

Timeline

  • Jul 25, 2022 CVE Published
  • Apr 24, 2026 CVE Updated
  • Apr 24, 2026 Distribution Patch
  • Apr 24, 2026 Distribution Patch
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›