VDB
RHSA-2023%3A0481
RHSA-2023%3A0481
PUBLISHED
CVSS 7.5 HIGH
A vulnerability was found in the golang.org/x/text/language package. An attacker can craft an Accept-Language header which ParseAcceptLanguage will take significant time to parse. This issue leads to a denial of service, and can impact availability.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | rhacm2/lighthouse-coredns-rhel8@sha256:dbc246166dd35202221ac3f885a0e46160a6d277a058b6d2f1c7ee571c673b50_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | * |
| Red Hat | rhacm2/submariner-networkplugin-syncer-rhel8@sha256:39ca01ef63bc7d2663186a516456c90657b918a2ec044af7aadb1315a607f429_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | rhacm2/submariner-networkplugin-syncer-rhel8@sha256:39ca01ef63bc7d2663186a516456c90657b918a2ec044af7aadb1315a607f429_s390x |
| Red Hat | rhacm2/submariner-route-agent-rhel8@sha256:497545ae0c5ae10463c5ef4a56c0e3733efbff2da65754dce4bbb977cb80d55a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | rhacm2/submariner-route-agent-rhel8@sha256:497545ae0c5ae10463c5ef4a56c0e3733efbff2da65754dce4bbb977cb80d55a_s390x |
| Red Hat | rhacm2/submariner-networkplugin-syncer-rhel8@sha256:91bc8d57c88c771bda7a6703ced10e32e9999116fe8cb7e4adddb6198591eeac_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | rhacm2/submariner-networkplugin-syncer-rhel8@sha256:91bc8d57c88c771bda7a6703ced10e32e9999116fe8cb7e4adddb6198591eeac_amd64 |
| Red Hat | rhacm2/submariner-route-agent-rhel8@sha256:6bff7c4285999b218937924fc75e6303525089064f21d23234a01f453529fbf6_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | rhacm2/submariner-route-agent-rhel8@sha256:6bff7c4285999b218937924fc75e6303525089064f21d23234a01f453529fbf6_amd64 |
| Red Hat | rhacm2/lighthouse-coredns-rhel8@sha256:77e474f4e0be091c3772ec0c16f2a67168dfea599a1f4220deb2fcb795d2d9c7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | rhacm2/lighthouse-coredns-rhel8@sha256:77e474f4e0be091c3772ec0c16f2a67168dfea599a1f4220deb2fcb795d2d9c7_ppc64le |
| Red Hat | rhacm2/submariner-gateway-rhel8@sha256:825db9cddd68a762e934bc855e5836e4f16a566f59d1310f45a06dac85ab8035_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | rhacm2/submariner-gateway-rhel8@sha256:825db9cddd68a762e934bc855e5836e4f16a566f59d1310f45a06dac85ab8035_s390x |
| Red Hat | rhacm2/submariner-route-agent-rhel8@sha256:0f13ca7bb60b17115395a51421916f0136a6d1296da563ba609cf37ec4e31440_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | rhacm2/submariner-route-agent-rhel8@sha256:0f13ca7bb60b17115395a51421916f0136a6d1296da563ba609cf37ec4e31440_ppc64le |
| Red Hat | rhacm2/subctl-rhel8@sha256:e6f5f07b97d4998c122cadeee693dce4d72f3bbe2c1f9703b15621b6531cf3a4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | * |
| Red Hat | rhacm2/subctl-rhel8@sha256:e6f5f07b97d4998c122cadeee693dce4d72f3bbe2c1f9703b15621b6531cf3a4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | * |
| Red Hat | rhacm2/submariner-rhel8-operator@sha256:2aad67f470d3a58382029b4db1459916036a8f41aed167d567eb1abef45cda3f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | rhacm2/submariner-rhel8-operator@sha256:2aad67f470d3a58382029b4db1459916036a8f41aed167d567eb1abef45cda3f_ppc64le |
| Red Hat | rhacm2/submariner-gateway-rhel8@sha256:7b343f4f8ea08b2e2a670ee938a2286a92d701e5e92f4f43ee58e620e2ee070b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | rhacm2/submariner-gateway-rhel8@sha256:7b343f4f8ea08b2e2a670ee938a2286a92d701e5e92f4f43ee58e620e2ee070b_amd64 |
| Red Hat | rhacm2/lighthouse-agent-rhel8@sha256:b76b9fc2f08fdedd74511526b3f049a37e8beab3dddd9c3463ea20064aadf194_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | * |
| Red Hat | rhacm2/subctl-rhel8@sha256:dae78580dc26a6beaaeef47575e0cc13c487d5cef1d72c415ddc19368ef3b4a5_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | rhacm2/subctl-rhel8@sha256:dae78580dc26a6beaaeef47575e0cc13c487d5cef1d72c415ddc19368ef3b4a5_arm64 |
| Red Hat | rhacm2/submariner-rhel8-operator@sha256:dc2a4dace498a5c6238c555411362c2e6166011582a572d3cab431c745143301_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | rhacm2/submariner-rhel8-operator@sha256:dc2a4dace498a5c6238c555411362c2e6166011582a572d3cab431c745143301_arm64 |
| Red Hat | rhacm2/submariner-networkplugin-syncer-rhel8@sha256:91bc8d57c88c771bda7a6703ced10e32e9999116fe8cb7e4adddb6198591eeac_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | rhacm2/submariner-networkplugin-syncer-rhel8@sha256:91bc8d57c88c771bda7a6703ced10e32e9999116fe8cb7e4adddb6198591eeac_amd64 |
| Red Hat | rhacm2/submariner-globalnet-rhel8@sha256:d855b05d15a54a88e2c026e0d1935b189dc7ceddb3a7b5b0672e8e4c715f3845_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | rhacm2/submariner-globalnet-rhel8@sha256:d855b05d15a54a88e2c026e0d1935b189dc7ceddb3a7b5b0672e8e4c715f3845_s390x |
| Red Hat | rhacm2/submariner-route-agent-rhel8@sha256:6bff7c4285999b218937924fc75e6303525089064f21d23234a01f453529fbf6_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | rhacm2/submariner-route-agent-rhel8@sha256:6bff7c4285999b218937924fc75e6303525089064f21d23234a01f453529fbf6_amd64 |
| Red Hat | rhacm2/lighthouse-agent-rhel8@sha256:998706bb956a4fdd15526b5bb6a0458d59ea5cc537e2784b6dec1bb24b6aebbd_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | * |
| Red Hat | rhacm2/submariner-globalnet-rhel8@sha256:3b04b0be64ea639e82496102236899cc62a2521c8e8bebd07c852118e76bce88_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 | * |
…and 52 more
Timeline
- Jan 26, 2023 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 30, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2023:0481 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2134010 issue
- https://issues.redhat.com/browse/ACM-2318 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0481.json advisory
- https://access.redhat.com/security/cve/CVE-2022-32149 advisory
- https://www.cve.org/CVERecord?id=CVE-2022-32149 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-32149 advisory
- https://go.dev/issue/56152 advisory
- https://groups.google.com/g/golang-dev/c/qfPIly0X7aU advisory