VDB
RHSA-2023%3A0795
RHSA-2023%3A0795
PUBLISHED
CVSS 7.5 HIGH
A vulnerability was found in the golang.org/x/text/language package. An attacker can craft an Accept-Language header which ParseAcceptLanguage will take significant time to parse. This issue leads to a denial of service, and can impact availability.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | rhacm2/submariner-gateway-rhel8@sha256:5cd02e62ae81fea9887c484b4b4f52712b3cdfe0bff8a826e2c1c8e813df50bf_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/submariner-gateway-rhel8@sha256:5cd02e62ae81fea9887c484b4b4f52712b3cdfe0bff8a826e2c1c8e813df50bf_arm64 |
| Red Hat | rhacm2/submariner-operator-bundle@sha256:1e3de5b269f4454e822201ea7666bacab9c2962f454368b1967dd583cab5c9bc_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/submariner-operator-bundle@sha256:1e3de5b269f4454e822201ea7666bacab9c2962f454368b1967dd583cab5c9bc_ppc64le |
| Red Hat | rhacm2/submariner-networkplugin-syncer-rhel8@sha256:511362c4a5dfa734d0015a355185a86ba6c00a0466f5fb1b469fa00e07858c82_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/submariner-networkplugin-syncer-rhel8@sha256:511362c4a5dfa734d0015a355185a86ba6c00a0466f5fb1b469fa00e07858c82_amd64 |
| Red Hat | rhacm2/submariner-globalnet-rhel8@sha256:dc50bdc2082127c9df0da5b539ac61d244250eb93d7fcfd3a9d2fdbb10603695_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/submariner-globalnet-rhel8@sha256:dc50bdc2082127c9df0da5b539ac61d244250eb93d7fcfd3a9d2fdbb10603695_arm64 |
| Red Hat | rhacm2/subctl-rhel8@sha256:2e17954946ea1fd3ec53791a1b6dfdfb59be7c24fd78816b0ba721c069350c38_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/subctl-rhel8@sha256:2e17954946ea1fd3ec53791a1b6dfdfb59be7c24fd78816b0ba721c069350c38_ppc64le |
| Red Hat | rhacm2/submariner-gateway-rhel8@sha256:5100f65e2591023eb9da4512b464c49bbf7f56d1a78587e5da790d6cb52cfd7c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/submariner-gateway-rhel8@sha256:5100f65e2591023eb9da4512b464c49bbf7f56d1a78587e5da790d6cb52cfd7c_s390x |
| Red Hat | rhacm2/submariner-networkplugin-syncer-rhel8@sha256:50281b32dc626b66b8b38bc3fa97d799ab13b66029768e60c06d3fa5d9a29bf1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/submariner-networkplugin-syncer-rhel8@sha256:50281b32dc626b66b8b38bc3fa97d799ab13b66029768e60c06d3fa5d9a29bf1_s390x |
| Red Hat | rhacm2/subctl-rhel8@sha256:1f4051093fb1128e7266a4baff92bb7e9864825d51947265bed4ae7c20a3f99c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/subctl-rhel8@sha256:1f4051093fb1128e7266a4baff92bb7e9864825d51947265bed4ae7c20a3f99c_arm64 |
| Red Hat | rhacm2/submariner-networkplugin-syncer-rhel8@sha256:511362c4a5dfa734d0015a355185a86ba6c00a0466f5fb1b469fa00e07858c82_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/submariner-networkplugin-syncer-rhel8@sha256:511362c4a5dfa734d0015a355185a86ba6c00a0466f5fb1b469fa00e07858c82_amd64 |
| Red Hat | rhacm2/submariner-globalnet-rhel8@sha256:4ee144a663c95a2fcc1fbfc0b308cf7033a5ded97a28a5aec9f35250df812661_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | * |
| Red Hat | rhacm2/submariner-operator-bundle@sha256:7dacd7a2b26ee22f62851127de612e9c18696c7db4ed06a244ce635b12cb89e2_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/submariner-operator-bundle@sha256:7dacd7a2b26ee22f62851127de612e9c18696c7db4ed06a244ce635b12cb89e2_arm64 |
| Red Hat | rhacm2/subctl-rhel8@sha256:2e17954946ea1fd3ec53791a1b6dfdfb59be7c24fd78816b0ba721c069350c38_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/subctl-rhel8@sha256:2e17954946ea1fd3ec53791a1b6dfdfb59be7c24fd78816b0ba721c069350c38_ppc64le |
| Red Hat | rhacm2/submariner-route-agent-rhel8@sha256:bb96dde2023a0b8a0d8b33095374ddcc828de182f04033253e716d584c8db623_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/submariner-route-agent-rhel8@sha256:bb96dde2023a0b8a0d8b33095374ddcc828de182f04033253e716d584c8db623_amd64 |
| Red Hat | rhacm2/lighthouse-agent-rhel8@sha256:6f8f3c288619a58ac723cde85df5232efac7f5ccfd516cb3996b35304d11e7f5_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/lighthouse-agent-rhel8@sha256:6f8f3c288619a58ac723cde85df5232efac7f5ccfd516cb3996b35304d11e7f5_amd64 |
| Red Hat | rhacm2/submariner-gateway-rhel8@sha256:93b7d3fbd69a47187a595e09324ef603d8e0c808c99961719a56029776a25dfb_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/submariner-gateway-rhel8@sha256:93b7d3fbd69a47187a595e09324ef603d8e0c808c99961719a56029776a25dfb_amd64 |
| Red Hat | rhacm2/lighthouse-coredns-rhel8@sha256:a842e4824cd39bc438c38889896dd33372b644968b5e29b614c9529b2e0696cc_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/lighthouse-coredns-rhel8@sha256:a842e4824cd39bc438c38889896dd33372b644968b5e29b614c9529b2e0696cc_ppc64le |
| Red Hat | rhacm2/submariner-route-agent-rhel8@sha256:0b40af2abd40a0d9220fd7311770cbbf0dddbc58b5347399c13fa92dae8dc2be_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | * |
| Red Hat | rhacm2/lighthouse-coredns-rhel8@sha256:a842e4824cd39bc438c38889896dd33372b644968b5e29b614c9529b2e0696cc_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/lighthouse-coredns-rhel8@sha256:a842e4824cd39bc438c38889896dd33372b644968b5e29b614c9529b2e0696cc_ppc64le |
| Red Hat | rhacm2/submariner-globalnet-rhel8@sha256:fb728331ee01f6fb72a54b5c5b5886ec08f014a384c1b49beec692439ec59630_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/submariner-globalnet-rhel8@sha256:fb728331ee01f6fb72a54b5c5b5886ec08f014a384c1b49beec692439ec59630_s390x |
| Red Hat | rhacm2/submariner-operator-bundle@sha256:2d28ae6efe8ba1999f5ae960cc1799465188b03514697c0192be53c4a7d1e8f2_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 | rhacm2/submariner-operator-bundle@sha256:2d28ae6efe8ba1999f5ae960cc1799465188b03514697c0192be53c4a7d1e8f2_s390x |
…and 60 more
Timeline
- Feb 15, 2023 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 30, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2023:0795 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2134010 issue
- https://issues.redhat.com/browse/ACM-2226 advisory
- https://issues.redhat.com/browse/ACM-2435 advisory
- https://issues.redhat.com/browse/ACM-2821 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0795.json advisory
- https://access.redhat.com/security/cve/CVE-2022-32149 advisory
- https://www.cve.org/CVERecord?id=CVE-2022-32149 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-32149 advisory
- https://go.dev/issue/56152 advisory
- https://groups.google.com/g/golang-dev/c/qfPIly0X7aU advisory