RHSA-2024%3A2892 — Vulnetix

RHSA-2024%3A2892 PUBLISHED CVSS 7.5 HIGH

Red Hat Security Advisory: go-toolset-1.19-golang security update

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Red Hat:devtools:2023::el7	go-toolset-1.19-golang-bin	0, 0
Red Hat:devtools:2023::el7	go-toolset-1.19-golang-docs	0, 0
Red Hat:devtools:2023::el7	go-toolset-1.19-golang-src	0, 0
Red Hat:devtools:2023::el7	go-toolset-1.19-golang-tests	0, 0
Red Hat:devtools:2023::el7	go-toolset-1.19-golang	0, 0
Red Hat:devtools:2023::el7	go-toolset-1.19-golang-misc	0, 0
Red Hat:devtools:2023::el7	go-toolset-1.19-golang-race	0, 0

Exploit Intelligence

PoC for CVE-2023-45288, continuation flood vulnerability (github-poc-repo)
PoC for CVE-2023-45288, continuation flood vulnerability (github-poc-repo)
PoC for CVE-2023-45288, continuation flood vulnerability (github-poc)
PoC for CVE-2023-45288, continuation flood vulnerability (github-poc)
index.html (github-poc)
index.html (github-poc)
.trivyignore.yml (github-poc)
.trivyignore.yml (github-poc)

Timeline

May 20, 2024 CVE Published
Apr 25, 2026 CVE Updated
Apr 25, 2026 Distribution Patch
Apr 25, 2026 Distribution Patch
Apr 25, 2026 Security Advisory
Apr 25, 2026 Security Advisory
Apr 25, 2026 Security Advisory

References

https://access.redhat.com/errata/RHSA-2024:2892 advisory
https://access.redhat.com/security/updates/classification/#important article
https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2892.json advisory
https://access.redhat.com/security/cve/CVE-2023-45288 report
https://bugzilla.redhat.com/show_bug.cgi?id=2268273 report
https://www.cve.org/CVERecord?id=CVE-2023-45288 advisory
https://nvd.nist.gov/vuln/detail/CVE-2023-45288 advisory
https://nowotarski.info/http2-continuation-flood/ article
https://pkg.go.dev/vuln/GO-2024-2687 advisory
https://www.kb.cert.org/vuls/id/421644 advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›