VDB
RHSA-2022%3A6183
RHSA-2022%3A6183
PUBLISHED
CVSS 6.5 MEDIUM
A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid.
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift-logging/cluster-logging-operator-bundle@sha256:93356d20f29aabbfd37f142610bd59ba1cb20c92f4ae63acdaf3cbd3b61766d0_amd64 as a component of RHOL 5.4 for RHEL 8 | openshift-logging/cluster-logging-operator-bundle@sha256:93356d20f29aabbfd37f142610bd59ba1cb20c92f4ae63acdaf3cbd3b61766d0_amd64, *, openshift-logging/cluster-logging-operator-bundle@sha256:93356d20f29aabbfd37f142610bd59ba1cb20c92f4ae63acdaf3cbd3b61766d0_amd64 |
| Red Hat | openshift-logging/fluentd-rhel8@sha256:a1a61a072a56e83355eec2a6b9a6d4bbf6ccbc3b48303b8d8a5047cb5334d3d5_arm64 as a component of RHOL 5.4 for RHEL 8 | openshift-logging/fluentd-rhel8@sha256:a1a61a072a56e83355eec2a6b9a6d4bbf6ccbc3b48303b8d8a5047cb5334d3d5_arm64, *, openshift-logging/fluentd-rhel8@sha256:a1a61a072a56e83355eec2a6b9a6d4bbf6ccbc3b48303b8d8a5047cb5334d3d5_arm64 |
| Red Hat | openshift-logging/cluster-logging-rhel8-operator@sha256:245771eda4b8a0a5c80c862b0ec2cfe590e8a4bf9b3ba7319a4bbd8740d0acd7_ppc64le as a component of RHOL 5.4 for RHEL 8 | *, *, * |
| Red Hat | openshift-logging/elasticsearch-rhel8-operator@sha256:dea28c8bb7e8175e60a89790399448dabea6a5358f0f7e6f9b60f1674ea280c2_arm64 as a component of RHOL 5.4 for RHEL 8 | *, openshift-logging/elasticsearch-rhel8-operator@sha256:dea28c8bb7e8175e60a89790399448dabea6a5358f0f7e6f9b60f1674ea280c2_arm64, * |
| Red Hat | openshift-logging/kibana6-rhel8@sha256:847aef5d2d106cb2c2817a36060a37510dabb444080b7f89d1014e07ade58c5d_arm64 as a component of RHOL 5.4 for RHEL 8 | openshift-logging/kibana6-rhel8@sha256:847aef5d2d106cb2c2817a36060a37510dabb444080b7f89d1014e07ade58c5d_arm64, *, openshift-logging/kibana6-rhel8@sha256:847aef5d2d106cb2c2817a36060a37510dabb444080b7f89d1014e07ade58c5d_arm64 |
| Red Hat | openshift-logging/logging-curator5-rhel8@sha256:f2dd23eb402fe6f505268a52e64adadad199fb19d804d017ec9bf16bfefb1117_ppc64le as a component of RHOL 5.4 for RHEL 8 | openshift-logging/logging-curator5-rhel8@sha256:f2dd23eb402fe6f505268a52e64adadad199fb19d804d017ec9bf16bfefb1117_ppc64le, *, openshift-logging/logging-curator5-rhel8@sha256:f2dd23eb402fe6f505268a52e64adadad199fb19d804d017ec9bf16bfefb1117_ppc64le |
| Red Hat | openshift-logging/elasticsearch-operator-bundle@sha256:1ec714eecbc7be802cc0353baaadf26e7bf6b2da0ee37430d34beca7325a1ff4_amd64 as a component of RHOL 5.4 for RHEL 8 | *, *, * |
| Red Hat | openshift-logging/cluster-logging-rhel8-operator@sha256:870e1047e82c87cb757995f3d70e2ce59f4fe97aab9de06005823634d060da7f_s390x as a component of RHOL 5.4 for RHEL 8 | *, openshift-logging/cluster-logging-rhel8-operator@sha256:870e1047e82c87cb757995f3d70e2ce59f4fe97aab9de06005823634d060da7f_s390x, openshift-logging/cluster-logging-rhel8-operator@sha256:870e1047e82c87cb757995f3d70e2ce59f4fe97aab9de06005823634d060da7f_s390x |
| Red Hat | openshift-logging/loki-operator-bundle@sha256:08bf3a7f6d0a272cf4cd6072b8b9a63de1f735b816e34f7064628b6398c42e0c_amd64 as a component of RHOL 5.4 for RHEL 8 | openshift-logging/loki-operator-bundle@sha256:08bf3a7f6d0a272cf4cd6072b8b9a63de1f735b816e34f7064628b6398c42e0c_amd64, openshift-logging/loki-operator-bundle@sha256:08bf3a7f6d0a272cf4cd6072b8b9a63de1f735b816e34f7064628b6398c42e0c_amd64, openshift-logging/loki-operator-bundle@sha256:08bf3a7f6d0a272cf4cd6072b8b9a63de1f735b816e34f7064628b6398c42e0c_amd64 |
| Red Hat | openshift-logging/log-file-metric-exporter-rhel8@sha256:e61a051df56de2f3beb2a5c9100868f4a0f2464df1426c42917acc321f5aabf2_ppc64le as a component of RHOL 5.4 for RHEL 8 | openshift-logging/log-file-metric-exporter-rhel8@sha256:e61a051df56de2f3beb2a5c9100868f4a0f2464df1426c42917acc321f5aabf2_ppc64le, openshift-logging/log-file-metric-exporter-rhel8@sha256:e61a051df56de2f3beb2a5c9100868f4a0f2464df1426c42917acc321f5aabf2_ppc64le, * |
| Red Hat | openshift-logging/fluentd-rhel8@sha256:a1a61a072a56e83355eec2a6b9a6d4bbf6ccbc3b48303b8d8a5047cb5334d3d5_arm64 as a component of RHOL 5.4 for RHEL 8 | *, openshift-logging/fluentd-rhel8@sha256:a1a61a072a56e83355eec2a6b9a6d4bbf6ccbc3b48303b8d8a5047cb5334d3d5_arm64, openshift-logging/fluentd-rhel8@sha256:a1a61a072a56e83355eec2a6b9a6d4bbf6ccbc3b48303b8d8a5047cb5334d3d5_arm64 |
| Red Hat | openshift-logging/logging-loki-rhel8@sha256:6ee7a76d9caa148b645ca8872f3d2fe0b80446703adf3d1ea7dfbe8dca8ea937_ppc64le as a component of RHOL 5.4 for RHEL 8 | *, *, * |
| Red Hat | openshift-logging/vector-rhel8@sha256:87d9eca65f199a234958a4d85c270db24ea7754dcb45bc457f4cd4519ad163e4_ppc64le as a component of RHOL 5.4 for RHEL 8 | openshift-logging/vector-rhel8@sha256:87d9eca65f199a234958a4d85c270db24ea7754dcb45bc457f4cd4519ad163e4_ppc64le, openshift-logging/vector-rhel8@sha256:87d9eca65f199a234958a4d85c270db24ea7754dcb45bc457f4cd4519ad163e4_ppc64le, openshift-logging/vector-rhel8@sha256:87d9eca65f199a234958a4d85c270db24ea7754dcb45bc457f4cd4519ad163e4_ppc64le |
| Red Hat | openshift-logging/elasticsearch6-rhel8@sha256:97df2e3668ef5233cf8362b83b9a896c04dd49e8b98fe2c54d9d2fd175c9e85e_ppc64le as a component of RHOL 5.4 for RHEL 8 | openshift-logging/elasticsearch6-rhel8@sha256:97df2e3668ef5233cf8362b83b9a896c04dd49e8b98fe2c54d9d2fd175c9e85e_ppc64le, openshift-logging/elasticsearch6-rhel8@sha256:97df2e3668ef5233cf8362b83b9a896c04dd49e8b98fe2c54d9d2fd175c9e85e_ppc64le, * |
| Red Hat | openshift-logging/kibana6-rhel8@sha256:847aef5d2d106cb2c2817a36060a37510dabb444080b7f89d1014e07ade58c5d_arm64 as a component of RHOL 5.4 for RHEL 8 | *, *, openshift-logging/kibana6-rhel8@sha256:847aef5d2d106cb2c2817a36060a37510dabb444080b7f89d1014e07ade58c5d_arm64 |
| Red Hat | openshift-logging/kibana6-rhel8@sha256:45ced4eb54e534a3d587e9a6b98f8a76e2a5443985a961aa58fb8603600dbf47_s390x as a component of RHOL 5.4 for RHEL 8 | openshift-logging/kibana6-rhel8@sha256:45ced4eb54e534a3d587e9a6b98f8a76e2a5443985a961aa58fb8603600dbf47_s390x, *, openshift-logging/kibana6-rhel8@sha256:45ced4eb54e534a3d587e9a6b98f8a76e2a5443985a961aa58fb8603600dbf47_s390x |
| Red Hat | openshift-logging/lokistack-gateway-rhel8@sha256:a73b6298765cecec47a21c737f060deae52b6bcaec2aec53ee67ca98a62e3082_arm64 as a component of RHOL 5.4 for RHEL 8 | openshift-logging/lokistack-gateway-rhel8@sha256:a73b6298765cecec47a21c737f060deae52b6bcaec2aec53ee67ca98a62e3082_arm64, openshift-logging/lokistack-gateway-rhel8@sha256:a73b6298765cecec47a21c737f060deae52b6bcaec2aec53ee67ca98a62e3082_arm64, * |
| Red Hat | openshift-logging/eventrouter-rhel8@sha256:9727fb8c5eea6d06868d5b632b20197f2199bbf2812ba009d053bfef7b392d6d_amd64 as a component of RHOL 5.4 for RHEL 8 | *, *, * |
| Red Hat | openshift-logging/cluster-logging-rhel8-operator@sha256:fa3a08f2a70541ecd4add8e2d2812faf075fb4b4f59b57aad25f322caa872b20_amd64 as a component of RHOL 5.4 for RHEL 8 | *, openshift-logging/cluster-logging-rhel8-operator@sha256:fa3a08f2a70541ecd4add8e2d2812faf075fb4b4f59b57aad25f322caa872b20_amd64, openshift-logging/cluster-logging-rhel8-operator@sha256:fa3a08f2a70541ecd4add8e2d2812faf075fb4b4f59b57aad25f322caa872b20_amd64 |
| Red Hat | openshift-logging/kibana6-rhel8@sha256:a2604ad006682659be66ed2d57ee65bd64cb2b930448221faeb84d8b61409fd2_amd64 as a component of RHOL 5.4 for RHEL 8 | openshift-logging/kibana6-rhel8@sha256:a2604ad006682659be66ed2d57ee65bd64cb2b930448221faeb84d8b61409fd2_amd64, openshift-logging/kibana6-rhel8@sha256:a2604ad006682659be66ed2d57ee65bd64cb2b930448221faeb84d8b61409fd2_amd64, openshift-logging/kibana6-rhel8@sha256:a2604ad006682659be66ed2d57ee65bd64cb2b930448221faeb84d8b61409fd2_amd64 |
…and 100 more
Timeline
- Sep 6, 2022 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Jun 19, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2022:6183 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2107342 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2107374 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2107383 issue
- https://issues.redhat.com/browse/LOG-2946 advisory
- https://issues.redhat.com/browse/LOG-2963 advisory
- https://issues.redhat.com/browse/LOG-2972 advisory
- https://issues.redhat.com/browse/LOG-3009 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6183.json advisory
- https://access.redhat.com/security/cve/CVE-2022-1705 advisory
- https://www.cve.org/CVERecord?id=CVE-2022-1705 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-1705 advisory
- https://go.dev/issue/53188 advisory
- https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE advisory
- https://access.redhat.com/security/cve/CVE-2022-30631 advisory
- https://www.cve.org/CVERecord?id=CVE-2022-30631 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-30631 advisory
- https://go.dev/issue/53168 advisory
- https://access.redhat.com/security/cve/CVE-2022-32148 advisory
…and 3 more