Search for vulnerabilities
Vulnerability details: VCID-jbdq-mdbt-aaap
Vulnerability ID VCID-jbdq-mdbt-aaap
Aliases CVE-2022-41717
GHSA-xrjj-mj9h-534m
Summary An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-770 Allocation of Resources Without Limits or Throttling
System Score Found at
cvssv3.1 5.4 https://access.redhat.com/errata/RHSA-2023:6818
ssvc Track https://access.redhat.com/errata/RHSA-2023:6818
cvssv3 5.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41717.json
epss 0.00286 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00286 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00286 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00286 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00286 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00286 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00286 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00286 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00286 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00286 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00286 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00425 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00425 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00425 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00425 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00425 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00425 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00425 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.00549 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
epss 0.07954 https://api.first.org/data/v1/epss?cve=CVE-2022-41717
cvssv3.1 7.5 https://cs.opensource.google/go/x/net
generic_textual HIGH https://cs.opensource.google/go/x/net
cvssv3.1 7.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 5.3 https://go.dev/cl/455635
generic_textual MODERATE https://go.dev/cl/455635
cvssv3.1 5.3 https://go.dev/cl/455717
generic_textual MODERATE https://go.dev/cl/455717
cvssv3.1 5.3 https://go.dev/issue/56350
generic_textual MODERATE https://go.dev/issue/56350
cvssv3.1 5.3 https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ
generic_textual MODERATE https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2
generic_textual HIGH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2
cvssv3.1 5.3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP
cvssv3.1 5.3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR
generic_textual HIGH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR
cvssv3.1 5.3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B
generic_textual HIGH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B
cvssv3.1 5.3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P
generic_textual HIGH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P
cvssv3.1 5.3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522
cvssv3.1 5.3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR
cvssv3.1 5.3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT
cvssv3.1 5.3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS
cvssv3.1 5.3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU
generic_textual HIGH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI
generic_textual HIGH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI
cvssv3.1 5.3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV
generic_textual HIGH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV
cvssv3 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-41717
cvssv3.1 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-41717
cvssv3.1 5.3 https://pkg.go.dev/vuln/GO-2022-1144
generic_textual MODERATE https://pkg.go.dev/vuln/GO-2022-1144
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41717.json
https://api.first.org/data/v1/epss?cve=CVE-2022-41717
https://cs.opensource.google/go/x/net
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://go.dev/cl/455635
https://go.dev/cl/455717
https://go.dev/issue/56350
https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/
https://pkg.go.dev/vuln/GO-2022-1144
https://security.netapp.com/advisory/ntap-20230120-0008/
2161274 https://bugzilla.redhat.com/show_bug.cgi?id=2161274
cpe:2.3:a:golang:go:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
cpe:2.3:a:golang:http2:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:golang:http2:*:*:*:*:*:*:*:*
cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
CVE-2022-41717 https://nvd.nist.gov/vuln/detail/CVE-2022-41717
GLSA-202311-09 https://security.gentoo.org/glsa/202311-09
GLSA-202409-28 https://security.gentoo.org/glsa/202409-28
GLSA-202409-29 https://security.gentoo.org/glsa/202409-29
RHSA-2023:0328 https://access.redhat.com/errata/RHSA-2023:0328
RHSA-2023:0446 https://access.redhat.com/errata/RHSA-2023:0446
RHSA-2023:0584 https://access.redhat.com/errata/RHSA-2023:0584
RHSA-2023:0631 https://access.redhat.com/errata/RHSA-2023:0631
RHSA-2023:0632 https://access.redhat.com/errata/RHSA-2023:0632
RHSA-2023:0692 https://access.redhat.com/errata/RHSA-2023:0692
RHSA-2023:0693 https://access.redhat.com/errata/RHSA-2023:0693
RHSA-2023:0728 https://access.redhat.com/errata/RHSA-2023:0728
RHSA-2023:0769 https://access.redhat.com/errata/RHSA-2023:0769
RHSA-2023:0774 https://access.redhat.com/errata/RHSA-2023:0774
RHSA-2023:0899 https://access.redhat.com/errata/RHSA-2023:0899
RHSA-2023:0918 https://access.redhat.com/errata/RHSA-2023:0918
RHSA-2023:0930 https://access.redhat.com/errata/RHSA-2023:0930
RHSA-2023:0931 https://access.redhat.com/errata/RHSA-2023:0931
RHSA-2023:0932 https://access.redhat.com/errata/RHSA-2023:0932
RHSA-2023:0934 https://access.redhat.com/errata/RHSA-2023:0934
RHSA-2023:1030 https://access.redhat.com/errata/RHSA-2023:1030
RHSA-2023:1079 https://access.redhat.com/errata/RHSA-2023:1079
RHSA-2023:1154 https://access.redhat.com/errata/RHSA-2023:1154
RHSA-2023:1174 https://access.redhat.com/errata/RHSA-2023:1174
RHSA-2023:1179 https://access.redhat.com/errata/RHSA-2023:1179
RHSA-2023:1181 https://access.redhat.com/errata/RHSA-2023:1181
RHSA-2023:1268 https://access.redhat.com/errata/RHSA-2023:1268
RHSA-2023:1275 https://access.redhat.com/errata/RHSA-2023:1275
RHSA-2023:1276 https://access.redhat.com/errata/RHSA-2023:1276
RHSA-2023:1310 https://access.redhat.com/errata/RHSA-2023:1310
RHSA-2023:1325 https://access.redhat.com/errata/RHSA-2023:1325
RHSA-2023:1326 https://access.redhat.com/errata/RHSA-2023:1326
RHSA-2023:1327 https://access.redhat.com/errata/RHSA-2023:1327
RHSA-2023:1328 https://access.redhat.com/errata/RHSA-2023:1328
RHSA-2023:1329 https://access.redhat.com/errata/RHSA-2023:1329
RHSA-2023:1372 https://access.redhat.com/errata/RHSA-2023:1372
RHSA-2023:1448 https://access.redhat.com/errata/RHSA-2023:1448
RHSA-2023:1529 https://access.redhat.com/errata/RHSA-2023:1529
RHSA-2023:1816 https://access.redhat.com/errata/RHSA-2023:1816
RHSA-2023:1817 https://access.redhat.com/errata/RHSA-2023:1817
RHSA-2023:2204 https://access.redhat.com/errata/RHSA-2023:2204
RHSA-2023:2222 https://access.redhat.com/errata/RHSA-2023:2222
RHSA-2023:2236 https://access.redhat.com/errata/RHSA-2023:2236
RHSA-2023:2253 https://access.redhat.com/errata/RHSA-2023:2253
RHSA-2023:2282 https://access.redhat.com/errata/RHSA-2023:2282
RHSA-2023:2283 https://access.redhat.com/errata/RHSA-2023:2283
RHSA-2023:2357 https://access.redhat.com/errata/RHSA-2023:2357
RHSA-2023:2367 https://access.redhat.com/errata/RHSA-2023:2367
RHSA-2023:2728 https://access.redhat.com/errata/RHSA-2023:2728
RHSA-2023:2758 https://access.redhat.com/errata/RHSA-2023:2758
RHSA-2023:2780 https://access.redhat.com/errata/RHSA-2023:2780
RHSA-2023:2802 https://access.redhat.com/errata/RHSA-2023:2802
RHSA-2023:2866 https://access.redhat.com/errata/RHSA-2023:2866
RHSA-2023:3204 https://access.redhat.com/errata/RHSA-2023:3204
RHSA-2023:3205 https://access.redhat.com/errata/RHSA-2023:3205
RHSA-2023:3612 https://access.redhat.com/errata/RHSA-2023:3612
RHSA-2023:3664 https://access.redhat.com/errata/RHSA-2023:3664
RHSA-2023:3742 https://access.redhat.com/errata/RHSA-2023:3742
RHSA-2023:3910 https://access.redhat.com/errata/RHSA-2023:3910
RHSA-2023:3914 https://access.redhat.com/errata/RHSA-2023:3914
RHSA-2023:4090 https://access.redhat.com/errata/RHSA-2023:4090
RHSA-2023:4091 https://access.redhat.com/errata/RHSA-2023:4091
RHSA-2023:4470 https://access.redhat.com/errata/RHSA-2023:4470
RHSA-2023:5982 https://access.redhat.com/errata/RHSA-2023:5982
RHSA-2023:6420 https://access.redhat.com/errata/RHSA-2023:6420
RHSA-2023:6818 https://access.redhat.com/errata/RHSA-2023:6818
RHSA-2024:0746 https://access.redhat.com/errata/RHSA-2024:0746
USN-6038-1 https://usn.ubuntu.com/6038-1/
USN-6038-2 https://usn.ubuntu.com/6038-2/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2023:6818
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-11T19:42:07Z/ Found at https://access.redhat.com/errata/RHSA-2023:6818
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41717.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://cs.opensource.google/go/x/net
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://go.dev/cl/455635
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://go.dev/cl/455717
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://go.dev/issue/56350
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2022-41717
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2022-41717
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://pkg.go.dev/vuln/GO-2022-1144
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.69306
EPSS Score 0.00286
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.