VDB
RHSA-2022%3A6344
RHSA-2022%3A6344
PUBLISHED
CVSS 6.5 MEDIUM
A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid.
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift-logging/elasticsearch6-rhel8@sha256:de443bcf2ab07a0db72d1ef5447e92d9ab04b28eae98d1f3dcc443057f75e12a_arm64 as a component of RHOL 5.5 for RHEL 8 | openshift-logging/elasticsearch6-rhel8@sha256:de443bcf2ab07a0db72d1ef5447e92d9ab04b28eae98d1f3dcc443057f75e12a_arm64, openshift-logging/elasticsearch6-rhel8@sha256:de443bcf2ab07a0db72d1ef5447e92d9ab04b28eae98d1f3dcc443057f75e12a_arm64, openshift-logging/elasticsearch6-rhel8@sha256:de443bcf2ab07a0db72d1ef5447e92d9ab04b28eae98d1f3dcc443057f75e12a_arm64 |
| Red Hat | openshift-logging/logging-view-plugin-rhel8@sha256:d0c6a24d4275af8c27f76a1fab969d9c1ff6a2240d3296c5a197d14108716061_s390x as a component of RHOL 5.5 for RHEL 8 | openshift-logging/logging-view-plugin-rhel8@sha256:d0c6a24d4275af8c27f76a1fab969d9c1ff6a2240d3296c5a197d14108716061_s390x, openshift-logging/logging-view-plugin-rhel8@sha256:d0c6a24d4275af8c27f76a1fab969d9c1ff6a2240d3296c5a197d14108716061_s390x, openshift-logging/logging-view-plugin-rhel8@sha256:d0c6a24d4275af8c27f76a1fab969d9c1ff6a2240d3296c5a197d14108716061_s390x |
| Red Hat | openshift-logging/logging-curator5-rhel8@sha256:8acfc4de5112b00ba0dbc9ec5a892ac29702ba7572b8620badd73ca00fbb3431_arm64 as a component of RHOL 5.5 for RHEL 8 | *, openshift-logging/logging-curator5-rhel8@sha256:8acfc4de5112b00ba0dbc9ec5a892ac29702ba7572b8620badd73ca00fbb3431_arm64, openshift-logging/logging-curator5-rhel8@sha256:8acfc4de5112b00ba0dbc9ec5a892ac29702ba7572b8620badd73ca00fbb3431_arm64 |
| Red Hat | openshift-logging/loki-rhel8-operator@sha256:a99d5e612ea96db4a2e6d5d40e989abebf3eb0687f8f82054a48e08b1ab69331_amd64 as a component of RHOL 5.5 for RHEL 8 | openshift-logging/loki-rhel8-operator@sha256:a99d5e612ea96db4a2e6d5d40e989abebf3eb0687f8f82054a48e08b1ab69331_amd64, openshift-logging/loki-rhel8-operator@sha256:a99d5e612ea96db4a2e6d5d40e989abebf3eb0687f8f82054a48e08b1ab69331_amd64, * |
| Red Hat | openshift-logging/loki-rhel8-operator@sha256:62f74800b00858fb17fed43882f7123a9cc37576d25b612cb9c2f62e90b4608f_arm64 as a component of RHOL 5.5 for RHEL 8 | openshift-logging/loki-rhel8-operator@sha256:62f74800b00858fb17fed43882f7123a9cc37576d25b612cb9c2f62e90b4608f_arm64, openshift-logging/loki-rhel8-operator@sha256:62f74800b00858fb17fed43882f7123a9cc37576d25b612cb9c2f62e90b4608f_arm64, * |
| Red Hat | openshift-logging/log-file-metric-exporter-rhel8@sha256:01b6cf95378f8967a69e7dc981c0afcbb3d564a6ae85421852a9aca2acfbb1da_arm64 as a component of RHOL 5.5 for RHEL 8 | openshift-logging/log-file-metric-exporter-rhel8@sha256:01b6cf95378f8967a69e7dc981c0afcbb3d564a6ae85421852a9aca2acfbb1da_arm64, openshift-logging/log-file-metric-exporter-rhel8@sha256:01b6cf95378f8967a69e7dc981c0afcbb3d564a6ae85421852a9aca2acfbb1da_arm64, openshift-logging/log-file-metric-exporter-rhel8@sha256:01b6cf95378f8967a69e7dc981c0afcbb3d564a6ae85421852a9aca2acfbb1da_arm64 |
| Red Hat | openshift-logging/logging-view-plugin-rhel8@sha256:551edc48e4f3268187ed743ffdbbb05ab52397172296d0dcd70567113e0bf9cd_ppc64le as a component of RHOL 5.5 for RHEL 8 | openshift-logging/logging-view-plugin-rhel8@sha256:551edc48e4f3268187ed743ffdbbb05ab52397172296d0dcd70567113e0bf9cd_ppc64le, openshift-logging/logging-view-plugin-rhel8@sha256:551edc48e4f3268187ed743ffdbbb05ab52397172296d0dcd70567113e0bf9cd_ppc64le, * |
| Red Hat | openshift-logging/elasticsearch6-rhel8@sha256:c5784fc0a27769499a36819c1ca82488a19c1d2878f7dd67fe985c5b09226d74_s390x as a component of RHOL 5.5 for RHEL 8 | openshift-logging/elasticsearch6-rhel8@sha256:c5784fc0a27769499a36819c1ca82488a19c1d2878f7dd67fe985c5b09226d74_s390x, openshift-logging/elasticsearch6-rhel8@sha256:c5784fc0a27769499a36819c1ca82488a19c1d2878f7dd67fe985c5b09226d74_s390x, openshift-logging/elasticsearch6-rhel8@sha256:c5784fc0a27769499a36819c1ca82488a19c1d2878f7dd67fe985c5b09226d74_s390x |
| Red Hat | openshift-logging/elasticsearch-rhel8-operator@sha256:d52d17e93aac1b7915b02cd1ff742fde0c479a68d3be562f03df488139819f8e_s390x as a component of RHOL 5.5 for RHEL 8 | *, *, openshift-logging/elasticsearch-rhel8-operator@sha256:d52d17e93aac1b7915b02cd1ff742fde0c479a68d3be562f03df488139819f8e_s390x |
| Red Hat | openshift-logging/logging-curator5-rhel8@sha256:8acfc4de5112b00ba0dbc9ec5a892ac29702ba7572b8620badd73ca00fbb3431_arm64 as a component of RHOL 5.5 for RHEL 8 | openshift-logging/logging-curator5-rhel8@sha256:8acfc4de5112b00ba0dbc9ec5a892ac29702ba7572b8620badd73ca00fbb3431_arm64, *, openshift-logging/logging-curator5-rhel8@sha256:8acfc4de5112b00ba0dbc9ec5a892ac29702ba7572b8620badd73ca00fbb3431_arm64 |
| Red Hat | openshift-logging/cluster-logging-operator-bundle@sha256:a7d097c7f59e7e3827932115e3af8659dd8a5699664ad2addde8bf85f0757de8_amd64 as a component of RHOL 5.5 for RHEL 8 | openshift-logging/cluster-logging-operator-bundle@sha256:a7d097c7f59e7e3827932115e3af8659dd8a5699664ad2addde8bf85f0757de8_amd64, openshift-logging/cluster-logging-operator-bundle@sha256:a7d097c7f59e7e3827932115e3af8659dd8a5699664ad2addde8bf85f0757de8_amd64, openshift-logging/cluster-logging-operator-bundle@sha256:a7d097c7f59e7e3827932115e3af8659dd8a5699664ad2addde8bf85f0757de8_amd64 |
| Red Hat | openshift-logging/vector-rhel8@sha256:db8b33e26ae6d132684168fbfd156a0b6dbebca978a81fb41ddc2f3e899f1b31_arm64 as a component of RHOL 5.5 for RHEL 8 | *, *, openshift-logging/vector-rhel8@sha256:db8b33e26ae6d132684168fbfd156a0b6dbebca978a81fb41ddc2f3e899f1b31_arm64 |
| Red Hat | openshift-logging/elasticsearch-proxy-rhel8@sha256:ca8a4fe474160aed7bdaa13429ff8d52633eeee77b16a7ebadc5a44ee4e4e057_ppc64le as a component of RHOL 5.5 for RHEL 8 | openshift-logging/elasticsearch-proxy-rhel8@sha256:ca8a4fe474160aed7bdaa13429ff8d52633eeee77b16a7ebadc5a44ee4e4e057_ppc64le, openshift-logging/elasticsearch-proxy-rhel8@sha256:ca8a4fe474160aed7bdaa13429ff8d52633eeee77b16a7ebadc5a44ee4e4e057_ppc64le, openshift-logging/elasticsearch-proxy-rhel8@sha256:ca8a4fe474160aed7bdaa13429ff8d52633eeee77b16a7ebadc5a44ee4e4e057_ppc64le |
| Red Hat | openshift-logging/lokistack-gateway-rhel8@sha256:0deb7ee6d255dd49263ae630975ee0238b0a98f2318c099f9473088e0075a5a0_ppc64le as a component of RHOL 5.5 for RHEL 8 | openshift-logging/lokistack-gateway-rhel8@sha256:0deb7ee6d255dd49263ae630975ee0238b0a98f2318c099f9473088e0075a5a0_ppc64le, openshift-logging/lokistack-gateway-rhel8@sha256:0deb7ee6d255dd49263ae630975ee0238b0a98f2318c099f9473088e0075a5a0_ppc64le, openshift-logging/lokistack-gateway-rhel8@sha256:0deb7ee6d255dd49263ae630975ee0238b0a98f2318c099f9473088e0075a5a0_ppc64le |
| Red Hat | openshift-logging/vector-rhel8@sha256:a70391600e9aa19dab069dd7a77905e16c2d36eefc9efb41addebe4b7e1604e9_ppc64le as a component of RHOL 5.5 for RHEL 8 | openshift-logging/vector-rhel8@sha256:a70391600e9aa19dab069dd7a77905e16c2d36eefc9efb41addebe4b7e1604e9_ppc64le, openshift-logging/vector-rhel8@sha256:a70391600e9aa19dab069dd7a77905e16c2d36eefc9efb41addebe4b7e1604e9_ppc64le, * |
| Red Hat | openshift-logging/lokistack-gateway-rhel8@sha256:4ea57ee5f2315f500e70d456832f9c81a7510e943e199ea6af2d2ea513c24f2a_s390x as a component of RHOL 5.5 for RHEL 8 | openshift-logging/lokistack-gateway-rhel8@sha256:4ea57ee5f2315f500e70d456832f9c81a7510e943e199ea6af2d2ea513c24f2a_s390x, openshift-logging/lokistack-gateway-rhel8@sha256:4ea57ee5f2315f500e70d456832f9c81a7510e943e199ea6af2d2ea513c24f2a_s390x, openshift-logging/lokistack-gateway-rhel8@sha256:4ea57ee5f2315f500e70d456832f9c81a7510e943e199ea6af2d2ea513c24f2a_s390x |
| Red Hat | openshift-logging/logging-view-plugin-rhel8@sha256:12f175307f3cb21398fc6a8c49492f4f33bf3f5e08a1f8879298c78865d9fd6d_arm64 as a component of RHOL 5.5 for RHEL 8 | openshift-logging/logging-view-plugin-rhel8@sha256:12f175307f3cb21398fc6a8c49492f4f33bf3f5e08a1f8879298c78865d9fd6d_arm64, openshift-logging/logging-view-plugin-rhel8@sha256:12f175307f3cb21398fc6a8c49492f4f33bf3f5e08a1f8879298c78865d9fd6d_arm64, openshift-logging/logging-view-plugin-rhel8@sha256:12f175307f3cb21398fc6a8c49492f4f33bf3f5e08a1f8879298c78865d9fd6d_arm64 |
| Red Hat | openshift-logging/kibana6-rhel8@sha256:8a7094de78ed14972dd7c32d294583e76f0f3fee328c61e2e5ce73782f620435_arm64 as a component of RHOL 5.5 for RHEL 8 | *, *, * |
| Red Hat | openshift-logging/log-file-metric-exporter-rhel8@sha256:90391a79e23a958877542d60ec3f3f134fdd9499c0da9d7b00c09030d79d8a0d_s390x as a component of RHOL 5.5 for RHEL 8 | openshift-logging/log-file-metric-exporter-rhel8@sha256:90391a79e23a958877542d60ec3f3f134fdd9499c0da9d7b00c09030d79d8a0d_s390x, openshift-logging/log-file-metric-exporter-rhel8@sha256:90391a79e23a958877542d60ec3f3f134fdd9499c0da9d7b00c09030d79d8a0d_s390x, openshift-logging/log-file-metric-exporter-rhel8@sha256:90391a79e23a958877542d60ec3f3f134fdd9499c0da9d7b00c09030d79d8a0d_s390x |
| Red Hat | openshift-logging/logging-loki-rhel8@sha256:a7e3d8c75fe2529794a1ea2775b28e29ea71a36fc22bd49facbcde36b9bf3313_amd64 as a component of RHOL 5.5 for RHEL 8 | *, openshift-logging/logging-loki-rhel8@sha256:a7e3d8c75fe2529794a1ea2775b28e29ea71a36fc22bd49facbcde36b9bf3313_amd64, * |
…and 108 more
Timeline
- Sep 6, 2022 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Jun 19, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2022:6344 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2107342 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2107374 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2107383 issue
- https://issues.redhat.com/browse/LOG-2647 advisory
- https://issues.redhat.com/browse/LOG-2801 advisory
- https://issues.redhat.com/browse/LOG-2917 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6344.json advisory
- https://access.redhat.com/security/cve/CVE-2022-1705 advisory
- https://www.cve.org/CVERecord?id=CVE-2022-1705 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-1705 advisory
- https://go.dev/issue/53188 advisory
- https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE advisory
- https://access.redhat.com/security/cve/CVE-2022-30631 advisory
- https://www.cve.org/CVERecord?id=CVE-2022-30631 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-30631 advisory
- https://go.dev/issue/53168 advisory
- https://access.redhat.com/security/cve/CVE-2022-32148 advisory
- https://www.cve.org/CVERecord?id=CVE-2022-32148 advisory
…and 2 more