CVE-2022-21698
Description
client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of promhttp.InstrumentHandler* middleware except RequestsInFlight; not filter any specific methods (e.g GET) before middleware; pass metric with method label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown method. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the method label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.279
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update aardvark-dns-1.0.1-27.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update buildah-1.24.2-4.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update buildah-debugsource-1.24.2-4.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update buildah-tests-1.24.2-4.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update cockpit-podman-43-1.module+el8.6.0+14673+621cb8be.noarch.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update conmon-2.1.0-1.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update conmon-debugsource-2.1.0-1.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update container-selinux-2.179.1-1.module+el8.6.0+14673+621cb8be.noarch.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update containernetworking-plugins-1.0.1-2.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update containernetworking-plugins-debugsource-1.0.1-2.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update containers-common-1-27.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update crit-3.15-3.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update criu-3.15-3.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update criu-debugsource-3.15-3.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update criu-devel-3.15-3.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update criu-libs-3.15-3.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update crun-1.4.4-1.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update crun-debugsource-1.4.4-1.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update fuse-overlayfs-1.8.2-1.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update fuse-overlayfs-debugsource-1.8.2-1.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update libslirp-4.4.0-1.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update libslirp-debugsource-4.4.0-1.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update libslirp-devel-4.4.0-1.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update netavark-1.0.1-27.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update oci-seccomp-bpf-hook-1.2.3-3.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update oci-seccomp-bpf-hook-debugsource-1.2.3-3.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update podman-4.0.2-6.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update podman-catatonit-4.0.2-6.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update podman-debugsource-4.0.2-6.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update podman-docker-4.0.2-6.module+el8.6.0+14673+621cb8be.noarch.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update podman-gvproxy-4.0.2-6.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update podman-plugins-4.0.2-6.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update podman-remote-4.0.2-6.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update podman-tests-4.0.2-6.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update python3-criu-3.15-3.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update python3-podman-4.0.0-1.module+el8.6.0+14673+621cb8be.noarch.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update runc-1.0.3-2.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update runc-debugsource-1.0.3-2.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update skopeo-1.6.1-2.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update skopeo-debugsource-1.6.1-2.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update skopeo-tests-1.6.1-2.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update slirp4netns-1.1.8-2.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update slirp4netns-debugsource-1.1.8-2.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update toolbox-0.0.99.3-0.4.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update toolbox-debugsource-0.0.99.3-0.4.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update toolbox-tests-0.0.99.3-0.4.module+el8.6.0+14673+621cb8be.x86_64.rpm | Linux |
| (RHSA-2022:1762) container-tools:rhel8 security, bug fix, and enhancement update udica-0.2.6-2.module+el8.6.0+14673+621cb8be.noarch.rpm | Linux |
| SUSE-SU-2022:3747-1(SUSE Linux Enterprise Server 12-SP5 ) golang-github-prometheus-node_exporter-1.3.0-1.21.1.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update buildah-1.19.9-6.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update buildah-debugsource-1.19.9-6.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update buildah-tests-1.19.9-6.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update cockpit-podman-29-2.module+el8.7.0+16212+65e1b35f.noarch.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update conmon-2.0.26-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update conmon-debugsource-2.0.26-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update container-selinux-2.189.0-1.module+el8.7.0+16212+65e1b35f.noarch.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update containernetworking-plugins-0.9.1-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update containernetworking-plugins-debugsource-0.9.1-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update containers-common-1.2.4-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update crit-3.15-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update criu-3.15-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update criu-debugsource-3.15-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update crun-0.18-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update crun-debugsource-0.18-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update fuse-overlayfs-1.4.0-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update fuse-overlayfs-debugsource-1.4.0-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update libslirp-4.3.1-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update libslirp-debugsource-4.3.1-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update libslirp-devel-4.3.1-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update oci-seccomp-bpf-hook-1.2.0-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update oci-seccomp-bpf-hook-debugsource-1.2.0-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update podman-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update podman-catatonit-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update podman-debugsource-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update podman-docker-3.0.1-13.module+el8.7.0+16212+65e1b35f.noarch.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update podman-plugins-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update podman-remote-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update podman-tests-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update python3-criu-3.15-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update runc-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update runc-debugsource-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update skopeo-1.2.4-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update skopeo-debugsource-1.2.4-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update skopeo-tests-1.2.4-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update slirp4netns-1.1.8-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update slirp4netns-debugsource-1.1.8-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update toolbox-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update toolbox-debugsource-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update toolbox-tests-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529) container-tools:3.0 security update udica-0.2.4-1.module+el8.7.0+16212+65e1b35f.noarch.rpm | Linux |
| (RHSA-2022:8057) grafana security, bug fix, and enhancement update grafana-7.5.15-3.el9.x86_64.rpm | Linux |
| grafana security, bug fix, and enhancement update (RLSA-2022:7519) grafana-7.5.15-3.el8.x86_64.rpm | Linux |
| container-tools:3.0 security update (RLSA-2022:7529) toolbox-0.0.99.3-1.module+el8.7.0+1076+9b1c11c1.x86_64.rpm | Linux |
| container-tools:3.0 security update (RLSA-2022:7529) toolbox-tests-0.0.99.3-1.module+el8.7.0+1076+9b1c11c1.x86_64.rpm | Linux |
| container-tools:3.0 security update (RLSA-2022:7529) container-selinux-2.189.0-1.module+el8.7.0+1076+9b1c11c1.noarch.rpm | Linux |
| grafana security, bug fix, and enhancement update (RLSA-2022:8057) grafana-7.5.15-3.el9.x86_64.rpm | Linux |
| Grafana update (ELSA-2023-6420) grafana-9.2.10-7.el9_3.x86_64.rpm | Linux |
| Grafana update (ELSA-2023-6972) grafana-9.2.10-7.el8_9.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update buildah-debuginfo-1.19.9-6.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update buildah-tests-debuginfo-1.19.9-6.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update conmon-debuginfo-2.0.26-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update containernetworking-plugins-debuginfo-0.9.1-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update criu-debuginfo-3.15-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update crun-debuginfo-0.18-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update fuse-overlayfs-debuginfo-1.4.0-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update libslirp-debuginfo-4.3.1-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update oci-seccomp-bpf-hook-debuginfo-1.2.0-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update podman-catatonit-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update podman-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update podman-plugins-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update podman-remote-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update runc-debuginfo-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update skopeo-debuginfo-1.2.4-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update slirp4netns-debuginfo-1.1.8-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| (RHSA-2022:7529)Moderate: security update toolbox-debuginfo-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm | Linux |
| SUSE-SU-2022:3745-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1.x86_64.rpm | Linux |
| Buildah update (ELSA-2022-7529) buildah-1.19.9-6.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Buildah-tests update (ELSA-2022-7529) buildah-tests-1.19.9-6.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Cockpit-podman update (ELSA-2022-7529) cockpit-podman-29-2.module+el8.7.0+20785+0180d035.noarch.rpm | Linux |
| Conmon update (ELSA-2022-7529) conmon-2.0.26-3.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Container-selinux update (ELSA-2022-7529) container-selinux-2.189.0-1.module+el8.7.0+20785+0180d035.noarch.rpm | Linux |
| Containernetworking-plugins update (ELSA-2022-7529) containernetworking-plugins-0.9.1-1.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Containers-common update (ELSA-2022-7529) containers-common-1.2.4-2.0.1.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Crit update (ELSA-2022-7529) crit-3.15-1.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Criu update (ELSA-2022-7529) criu-3.15-1.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Crun update (ELSA-2022-7529) crun-0.18-3.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Fuse-overlayfs update (ELSA-2022-7529) fuse-overlayfs-1.4.0-2.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Libslirp update (ELSA-2022-7529) libslirp-4.3.1-1.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Libslirp-devel update (ELSA-2022-7529) libslirp-devel-4.3.1-1.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Oci-seccomp-bpf-hook update (ELSA-2022-7529) oci-seccomp-bpf-hook-1.2.0-3.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Podman update (ELSA-2022-7529) podman-3.0.1-13.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Podman-catatonit update (ELSA-2022-7529) podman-catatonit-3.0.1-13.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Podman-docker update (ELSA-2022-7529) podman-docker-3.0.1-13.module+el8.7.0+20785+0180d035.noarch.rpm | Linux |
| Podman-plugins update (ELSA-2022-7529) podman-plugins-3.0.1-13.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Podman-remote update (ELSA-2022-7529) podman-remote-3.0.1-13.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Podman-tests update (ELSA-2022-7529) podman-tests-3.0.1-13.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Python3-criu update (ELSA-2022-7529) python3-criu-3.15-1.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Runc update (ELSA-2022-7529) runc-1.0.0-73.rc95.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Skopeo update (ELSA-2022-7529) skopeo-1.2.4-2.0.1.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Skopeo-tests update (ELSA-2022-7529) skopeo-tests-1.2.4-2.0.1.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Slirp4netns update (ELSA-2022-7529) slirp4netns-1.1.8-1.module+el8.7.0+20785+0180d035.x86_64.rpm | Linux |
| Udica update (ELSA-2022-7529) udica-0.2.4-1.module+el8.7.0+20785+0180d035.noarch.rpm | Linux |
| Moderate: container-tools:3.0 security update container-selinux-2.189.0-1.module_el8.7.0+3406+a17c4180.noarch.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234