html/template: improper sanitization of CSS values
Angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for injection of unexpected HMTL, if executed with untrusted input ...
Description<!----> This CVE is under investigation by Red Hat Product Security ...
The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve) This does not impact usages of crypto/ecdsa or crypto/ecdh (CVE-2023-24532)
HTTP and MIME header parsing could allocate large amounts of memory, even when parsing s ...
Templates did not properly consider backticks (`) as Javascript string delimiters, and as such didnot escape them as expected Backticks are used, since ES6, for JS template literals If a templatecontained a Go template action within a Javascript template literal, the contents of the action couldbe used to terminate the literal, injecting arbitrar ...
RESERVEDNOTE: groupsgooglecom/g/golang-announce/c/V0aBFqaFs_E (CVE-2022-41724)
Golang: net/http, mime/multipart: denial of service from excessive resource consumption (groupsgooglecom/g/golang-announce/c/V0aBFqaFs_E) (CVE-2022-41725)
The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if ca ...
http2/hpack: avoid quadratic complexity in hpack decoding (CVE-2022-41723)
Large handshake records may cause panics in crypto/tls Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses This affects all TLS 13 clients, TLS 12 clients which expli ...
http2/hpack: avoid quadratic complexity in hpack decoding (CVE-2022-41723)
Large handshake records may cause panics in crypto/tls Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses This affects all TLS 13 clients, TLS 12 clients which expli ...
Synopsis
Important: go-toolset-119 and go-toolset-119-golang security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for go-toolset-119 and go-toolset-119-golang is now available for Red Hat Develope ...
Synopsis
Important: Network observability 130 for Openshift
Type/Severity
Security Advisory: Important
Topic
Network Observability 130 for OpenShiftRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is ava ...
Synopsis
Important: Migration Toolkit for Applications security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Migration Toolkit for Applications 620 releaseRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a deta ...
Synopsis
Moderate: podman security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for podman is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated th ...
Synopsis
Important: go-toolset:rhel8 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has r ...
Synopsis
Important: Red Hat Advanced Cluster Security 374 for Kubernetes security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS) Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scor ...
Synopsis
Important: Red Hat Advanced Cluster Security for Kubernetes 373 security update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security forKubernetes (RHACS) The updated image includes security fixesRed Hat Product Security has rated this update as having a security i ...
Synopsis
Important: OpenShift Container Platform 4134 packages and security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
Red Hat OpenShift Container Platform release 4134 is now available with updates to pac ...
Synopsis
Moderate: Multicluster Engine for Kubernetes 232 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Multicluster Engine for Kubernetes 232 General Availability release images,which contain security updates and fix bugsRed Hat Product Security has rated this update as having a security impactof Moderat ...
Synopsis
Important: Red Hat OpenStack Platform 162 (etcd) security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for etcd is now available for Red Hat OpenStack Platform 162(Train)Red Hat Product Sec ...
Synopsis
Important: ACS 40 enhancement and security update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security (RHACS) The updated image includes security and bug fixesRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnera ...
Synopsis
Moderate: OpenShift Container Platform 4134 bug fix and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4134 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Con ...
Synopsis
Important: OpenShift Virtualization 4125 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4125 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security imp ...
Synopsis
Important: OpenShift Virtualization 4125 RPMs security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
Red Hat OpenShift Virtualization release 4125 is now available with updates to package ...
Synopsis
Important: OpenShift Virtualization 4133 Images security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4133 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a secur ...
概述
Important: OpenShift Container Platform 41220 bug fix and security update
类型/严重性
Security Advisory: Important
标题
Red Hat OpenShift Container Platform release 41220 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShi ...
Synopsis
Moderate: Red Hat OpenShift Enterprise security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 41223 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Container Platform 4 ...
Synopsis
Important: Red Hat OpenShift Data Foundation 4133 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4133 on Red Hat Enterprise Linux 8 from Red Hat Container RegistryRed Hat Product Security has rated this upda ...
Synopsis
Important: OpenShift API for Data Protection (OADP) 115 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
OpenShift API for Data Protection (OADP) 115 is now availableRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) ba ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 282 security and bug fix updates
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 282 GeneralAvailability release images, which provide security updates and fix bugsRed Hat Product Security has rated this update as having a security i ...
Synopsis
Important: Red Hat OpenShift Service Mesh Containers for 240
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Service Mesh Containers for 240Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed sev ...
Synopsis
Moderate: OpenShift Container Platform 41143 bug fix and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 41143 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift C ...
Synopsis
Important: Red Hat OpenShift Enterprise security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
Red Hat OpenShift Container Platform release 41063 is now available withupdates to packages and images tha ...
Synopsis
Important: OpenShift Container Platform 41063 security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 41063 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Container P ...
Synopsis
Important: Security Update for cert-manager Operator for Red Hat OpenShift 1103
Type/Severity
Security Advisory: Important
Topic
cert-manager Operator for Red Hat OpenShift 1103Red Hat Product Security has rated this update as having a security impactof Important A Common Vulnerability Scoring System (CVSS) base score, whichgive ...
Synopsis
Important: OpenShift API for Data Protection (OADP) 1011 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
OpenShift API for Data Protection (OADP) 1011 is now availableRed Hat Product Security has rated this update as having a security impactof Important A Common Vulnerability Scoring System (CVSS) b ...
Synopsis
Important: OpenShift Container Platform 41144 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 41144 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift ...
Synopsis
Important: OpenShift Container Platform 41221 packages and security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
Red Hat OpenShift Container Platform release 41221 is now available with updates to p ...
Synopsis
Moderate: containernetworking-plugins security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9Red Hat P ...
Synopsis
Moderate: skopeo security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for skopeo is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as having a secu ...
Synopsis
Moderate: toolbox security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for toolbox is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as ...
Synopsis
Moderate: buildah security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for buildah is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as having a se ...
Synopsis
Important: Red Hat Ansible Automation Platform 23 Product Security and Bug Fix Update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update is now available for Red Hat Ansible Automation Platform 23Red Hat ...
Synopsis
Important: Red Hat OpenShift Enterprise security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
Red Hat OpenShift Container Platform release 41144 is now available with updates to packages and images th ...
Synopsis
Important: Migration Toolkit for Containers (MTC) 1710 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
The Migration Toolkit for Containers (MTC) 1710 is now availableRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) ...
Synopsis
Important: OpenShift Container Platform 4132 packages and security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
Red Hat OpenShift Container Platform release 4132 is now available with updates to pac ...
Synopsis
Important: OpenShift Container Platform 4132 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 4132 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift C ...