VDB
RHSA-2022%3A9047
RHSA-2022%3A9047
PUBLISHED
CVSS 6.5 MEDIUM
A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid.
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | rhmtc/openshift-migration-registry-rhel8@sha256:0b36e9ff32de1e801ddd34ccad1ea0a17029e17d2b93d0ea512c08b5b8a7f012_amd64 as a component of 8Base-RHMTC-1.7 | rhmtc/openshift-migration-registry-rhel8@sha256:0b36e9ff32de1e801ddd34ccad1ea0a17029e17d2b93d0ea512c08b5b8a7f012_amd64 |
| Red Hat | rhmtc/openshift-migration-must-gather-rhel8@sha256:fcbfc67d121d1d88f3ba16912f0920999c424ceab823cc9642a2f146ed103744_amd64 as a component of 8Base-RHMTC-1.7 | rhmtc/openshift-migration-must-gather-rhel8@sha256:fcbfc67d121d1d88f3ba16912f0920999c424ceab823cc9642a2f146ed103744_amd64, * |
| Red Hat | rhmtc/openshift-migration-log-reader-rhel8@sha256:fa36a6123064aefa646293b919c58660905a5f05b61ef35c7c767b6f88e4949f_amd64 as a component of 8Base-RHMTC-1.7 | *, rhmtc/openshift-migration-log-reader-rhel8@sha256:fa36a6123064aefa646293b919c58660905a5f05b61ef35c7c767b6f88e4949f_amd64 |
| Red Hat | rhmtc/openshift-migration-velero-rhel8@sha256:1f4bad1258ebb47d8faec192a61af8926b4b46b0208fad1317c6d4434733c42e_amd64 as a component of 8Base-RHMTC-1.7 | rhmtc/openshift-migration-velero-rhel8@sha256:1f4bad1258ebb47d8faec192a61af8926b4b46b0208fad1317c6d4434733c42e_amd64 |
| Red Hat | rhmtc/openshift-migration-log-reader-rhel8@sha256:fa36a6123064aefa646293b919c58660905a5f05b61ef35c7c767b6f88e4949f_amd64 as a component of 8Base-RHMTC-1.7 | rhmtc/openshift-migration-log-reader-rhel8@sha256:fa36a6123064aefa646293b919c58660905a5f05b61ef35c7c767b6f88e4949f_amd64 |
| Red Hat | rhmtc/openshift-migration-openvpn-rhel8@sha256:7b6879e9e14e5e7622635f3755aa002e438da06969fdcae7bc8b9f90ab3bb4fe_amd64 as a component of 8Base-RHMTC-1.7 | rhmtc/openshift-migration-openvpn-rhel8@sha256:7b6879e9e14e5e7622635f3755aa002e438da06969fdcae7bc8b9f90ab3bb4fe_amd64 |
| Red Hat | rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:297eeba673e224cad38b069f2e63be1b863d148710f53ce605d062088c150a9d_amd64 as a component of 8Base-RHMTC-1.7 | rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:297eeba673e224cad38b069f2e63be1b863d148710f53ce605d062088c150a9d_amd64 |
| Red Hat | rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:dc8c6f17710f9757b98411f7f3e5e45452878a69498b0efc6b6fac17a7521c32_amd64 as a component of 8Base-RHMTC-1.7 | rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:dc8c6f17710f9757b98411f7f3e5e45452878a69498b0efc6b6fac17a7521c32_amd64 |
| Red Hat | rhmtc/openshift-migration-ui-rhel8@sha256:951c384edd74377add1acd4590d9eceb30d147cb5f3042679e4c19d43b94e6c0_amd64 as a component of 8Base-RHMTC-1.7 | rhmtc/openshift-migration-ui-rhel8@sha256:951c384edd74377add1acd4590d9eceb30d147cb5f3042679e4c19d43b94e6c0_amd64 |
| Red Hat | rhmtc/openshift-velero-plugin-rhel8@sha256:b736ee68818e6e5193c8da383a7a2243dad4c8c198c4fb7370e856eaf0cf6714_amd64 as a component of 8Base-RHMTC-1.7 | *, * |
| Red Hat | rhmtc/openshift-migration-rhel8-operator@sha256:7b02b5182ff57b9bfa5857aa9e4da5ce5218198228044765047a4e41df6702c1_amd64 as a component of 8Base-RHMTC-1.7 | rhmtc/openshift-migration-rhel8-operator@sha256:7b02b5182ff57b9bfa5857aa9e4da5ce5218198228044765047a4e41df6702c1_amd64, * |
| Red Hat | rhmtc/openshift-migration-legacy-rhel8-operator@sha256:dd304118410ab622dab252504a18245012155894c3f89fd74af1aeffce0d4b5b_amd64 as a component of 8Base-RHMTC-1.7 | *, * |
| Red Hat | rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:c0685deaac37756a5f61923596086d9165199f7cf774a9a8719e15504ae2caee_amd64 as a component of 8Base-RHMTC-1.7 | *, rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:c0685deaac37756a5f61923596086d9165199f7cf774a9a8719e15504ae2caee_amd64 |
| Red Hat | rhmtc/openshift-migration-registry-rhel8@sha256:0b36e9ff32de1e801ddd34ccad1ea0a17029e17d2b93d0ea512c08b5b8a7f012_amd64 as a component of 8Base-RHMTC-1.7 | rhmtc/openshift-migration-registry-rhel8@sha256:0b36e9ff32de1e801ddd34ccad1ea0a17029e17d2b93d0ea512c08b5b8a7f012_amd64, * |
| Red Hat | rhmtc/openshift-migration-hook-runner-rhel8@sha256:d1f78e4f37b414d5007c8e5711de3e95179612722a1c0dba5ab70d7a57b171b9_amd64 as a component of 8Base-RHMTC-1.7 | *, rhmtc/openshift-migration-hook-runner-rhel8@sha256:d1f78e4f37b414d5007c8e5711de3e95179612722a1c0dba5ab70d7a57b171b9_amd64 |
| Red Hat | rhmtc/openshift-migration-ui-rhel8@sha256:951c384edd74377add1acd4590d9eceb30d147cb5f3042679e4c19d43b94e6c0_amd64 as a component of 8Base-RHMTC-1.7 | *, rhmtc/openshift-migration-ui-rhel8@sha256:951c384edd74377add1acd4590d9eceb30d147cb5f3042679e4c19d43b94e6c0_amd64 |
| Red Hat | rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:297eeba673e224cad38b069f2e63be1b863d148710f53ce605d062088c150a9d_amd64 as a component of 8Base-RHMTC-1.7 | *, rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:297eeba673e224cad38b069f2e63be1b863d148710f53ce605d062088c150a9d_amd64 |
| Red Hat | rhmtc/openshift-migration-operator-bundle@sha256:b46a79a60ef37106d34c5b54a65af27cf3953d367586718e80df6d4468238a2d_amd64 as a component of 8Base-RHMTC-1.7 | *, * |
| Red Hat | rhmtc/openshift-velero-plugin-rhel8@sha256:b736ee68818e6e5193c8da383a7a2243dad4c8c198c4fb7370e856eaf0cf6714_amd64 as a component of 8Base-RHMTC-1.7 | rhmtc/openshift-velero-plugin-rhel8@sha256:b736ee68818e6e5193c8da383a7a2243dad4c8c198c4fb7370e856eaf0cf6714_amd64 |
| Red Hat | rhmtc/openshift-migration-hook-runner-rhel8@sha256:d1f78e4f37b414d5007c8e5711de3e95179612722a1c0dba5ab70d7a57b171b9_amd64 as a component of 8Base-RHMTC-1.7 | * |
…and 14 more
Timeline
- Dec 15, 2022 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2022:9047 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2092793 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2107371 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2107374 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2107376 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2107383 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2107386 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2107388 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2107390 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2107392 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2132957 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2137304 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2140208 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2143628 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2143872 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2149920 issue
- https://issues.redhat.com/browse/MIG-1240 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_9047.json advisory
- https://access.redhat.com/security/cve/CVE-2022-1705 advisory
…and 36 more