VDB

RHSA-2022%3A6283

RHSA-2022%3A6283 PUBLISHED CVSS 6.5 MEDIUM

A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid.

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products

VendorProductVersions
Red Hatopenshift-service-mesh/istio-rhel8-operator@sha256:fca5d871be638f67b4d9413acc0f08f07ce5664b3d8c7c303373f257c7fdaeef_ppc64le as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/istio-rhel8-operator@sha256:fca5d871be638f67b4d9413acc0f08f07ce5664b3d8c7c303373f257c7fdaeef_ppc64le
Red Hatopenshift-service-mesh/pilot-rhel8@sha256:7092fafcf5c8831e60fe1faece49bca217f87a57570c246e281982ae26825f20_s390x as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/pilot-rhel8@sha256:7092fafcf5c8831e60fe1faece49bca217f87a57570c246e281982ae26825f20_s390x
Red Hatopenshift-service-mesh/proxyv2-rhel8@sha256:50cb31bc63eb7e6ca7d89ff0e615e0c234df3e42301adaabe5a5898e5ae272e6_ppc64le as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/proxyv2-rhel8@sha256:50cb31bc63eb7e6ca7d89ff0e615e0c234df3e42301adaabe5a5898e5ae272e6_ppc64le
Red Hatopenshift-service-mesh/prometheus-rhel8@sha256:9ceabd6dce676b1e8bf619e1ae9eea8ed2a906e28d48983fbe05e5ba9ca3d17f_s390x as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/prometheus-rhel8@sha256:9ceabd6dce676b1e8bf619e1ae9eea8ed2a906e28d48983fbe05e5ba9ca3d17f_s390x
Red Hatopenshift-service-mesh/grafana-rhel8@sha256:5e0d2446f28fe46ad17a820db95ace2da09b02fab1cc9616265d482b4f724347_ppc64le as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/grafana-rhel8@sha256:5e0d2446f28fe46ad17a820db95ace2da09b02fab1cc9616265d482b4f724347_ppc64le
Red Hatopenshift-service-mesh/istio-cni-rhel8@sha256:b29c7f748528c0d2111ee22052d6e60f77705bad19da41fe05e3d2a73a84d620_ppc64le as a component of RHOSSM 2.2 for RHEL 8*
Red Hatopenshift-service-mesh/istio-rhel8-operator@sha256:6f9a3465937f99f92d5b90e3ea8ff2b3f5a60cd1bb5133e28762471952cf221d_s390x as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/istio-rhel8-operator@sha256:6f9a3465937f99f92d5b90e3ea8ff2b3f5a60cd1bb5133e28762471952cf221d_s390x
Red Hatopenshift-service-mesh/proxyv2-rhel8@sha256:637aee2798808417c1f1ced161ed8b1ca8519713dfa3f2932b11656fd1289ba6_s390x as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/proxyv2-rhel8@sha256:637aee2798808417c1f1ced161ed8b1ca8519713dfa3f2932b11656fd1289ba6_s390x
Red Hatopenshift-service-mesh/ratelimit-rhel8@sha256:fb2fe2e0f345ae6945ab66b2024046f9e22562abfa23761bf500d267b559a8cb_ppc64le as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/ratelimit-rhel8@sha256:fb2fe2e0f345ae6945ab66b2024046f9e22562abfa23761bf500d267b559a8cb_ppc64le
Red Hatopenshift-service-mesh/grafana-rhel8@sha256:0eca1c306690c8c2e2db17562cbbf6b1fcdc8296437b7746ea849822935be516_amd64 as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/grafana-rhel8@sha256:0eca1c306690c8c2e2db17562cbbf6b1fcdc8296437b7746ea849822935be516_amd64
Red Hatopenshift-service-mesh/proxyv2-rhel8@sha256:159143f23b25d9f16023c7cdd5a9e3b9533fe4d5a158736f7560c0996c3f42b0_amd64 as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/proxyv2-rhel8@sha256:159143f23b25d9f16023c7cdd5a9e3b9533fe4d5a158736f7560c0996c3f42b0_amd64
Red Hatopenshift-service-mesh/istio-must-gather-rhel8@sha256:661c004470c10b3f900fa2285b28e14a18667664d37e79b777d1693d732c0d7f_ppc64le as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/istio-must-gather-rhel8@sha256:661c004470c10b3f900fa2285b28e14a18667664d37e79b777d1693d732c0d7f_ppc64le
Red Hatopenshift-service-mesh/istio-rhel8-operator@sha256:e2c6046a3fd8a730c859107a14af76ec60a1518a3dc066d198cc92e3d086a97e_amd64 as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/istio-rhel8-operator@sha256:e2c6046a3fd8a730c859107a14af76ec60a1518a3dc066d198cc92e3d086a97e_amd64
Red Hatopenshift-service-mesh/pilot-rhel8@sha256:235b0b6046018ae28c4b4b98d601b8db3f785cb30e295154879d5cd03b63e508_amd64 as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/pilot-rhel8@sha256:235b0b6046018ae28c4b4b98d601b8db3f785cb30e295154879d5cd03b63e508_amd64
Red Hatopenshift-service-mesh/prometheus-rhel8@sha256:dbd36a3344790a8c9b759292b0949e963e73965d60392f2e824c63dcfae91b01_amd64 as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/prometheus-rhel8@sha256:dbd36a3344790a8c9b759292b0949e963e73965d60392f2e824c63dcfae91b01_amd64
Red Hatopenshift-service-mesh/grafana-rhel8@sha256:2322141c966068eaed50d9db68752a2ecab6448d38d53fffc7b0258ad6643742_s390x as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/grafana-rhel8@sha256:2322141c966068eaed50d9db68752a2ecab6448d38d53fffc7b0258ad6643742_s390x
Red Hatopenshift-service-mesh/istio-must-gather-rhel8@sha256:e065f74026282422dc5f0f958802bc621808cf03551818a5ffe90934e4b40380_s390x as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/istio-must-gather-rhel8@sha256:e065f74026282422dc5f0f958802bc621808cf03551818a5ffe90934e4b40380_s390x
Red Hatopenshift-service-mesh/prometheus-rhel8@sha256:62149d00c44d80f7c26ed749d4234f68208d1f46cd17cf75aa4a5c3b8a84b35c_ppc64le as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/prometheus-rhel8@sha256:62149d00c44d80f7c26ed749d4234f68208d1f46cd17cf75aa4a5c3b8a84b35c_ppc64le
Red Hatopenshift-service-mesh/istio-cni-rhel8@sha256:088811647145f6a0ba8d57e451f14011279de320dc61cd9e67c03a941ee40827_s390x as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/istio-cni-rhel8@sha256:088811647145f6a0ba8d57e451f14011279de320dc61cd9e67c03a941ee40827_s390x
Red Hatopenshift-service-mesh/istio-cni-rhel8@sha256:37e88c819d5d8e3bb3419c96e7fc8698560013aac59b1638f5220abda37f8980_amd64 as a component of RHOSSM 2.2 for RHEL 8openshift-service-mesh/istio-cni-rhel8@sha256:37e88c819d5d8e3bb3419c96e7fc8698560013aac59b1638f5220abda37f8980_amd64

…and 4 more

Timeline

  • Aug 31, 2022 CVE Published
  • Apr 29, 2026 CVE Updated
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›