vulnerability
Alma Linux: CVE-2021-33197: Moderate: go-toolset:rhel8 security, bug fix, and enhancement update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Aug 2, 2021 | May 4, 2022 | Mar 31, 2026 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Aug 2, 2021
Added
May 4, 2022
Modified
Mar 31, 2026
Description
In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy (from net/http/httputil) result in a situation where an attacker is able to drop arbitrary headers.
Solutions
alma-upgrade-buildahalma-upgrade-buildah-testsalma-upgrade-delvealma-upgrade-grafanaalma-upgrade-podmanalma-upgrade-podman-dockeralma-upgrade-podman-gvproxyalma-upgrade-podman-pluginsalma-upgrade-podman-remotealma-upgrade-podman-tests
References
- CVE-2021-33197
- https://attackerkb.com/topics/CVE-2021-33197
- CWE-862
- EUVD-EUVD-2021-19910
- https://errata.almalinux.org/8/ALSA-2021-4156.html
- https://errata.almalinux.org/8/ALSA-2021-4226.html
- https://errata.almalinux.org/9/ALSA-2022-7954.html
- https://errata.almalinux.org/9/ALSA-2022-8008.html
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2021-19910
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.