vulnerability

Amazon Linux AMI 2: CVE-2022-41723: Security patch for amazon-ecr-credential-helper, amazon-ssm-agent, cni-plugins, containerd, cri-tools, docker, golang, nerdctl, rclone (Multiple Advisories)

Try Surface Command
Back to search
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
2023-02-28
Added
2023-04-21
Modified
2025-01-28

Description

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.

Solution(s)

amazon-linux-ami-2-upgrade-amazon-ecr-credential-helperamazon-linux-ami-2-upgrade-amazon-ecr-credential-helper-debuginfoamazon-linux-ami-2-upgrade-amazon-ssm-agentamazon-linux-ami-2-upgrade-amazon-ssm-agent-debuginfoamazon-linux-ami-2-upgrade-cni-pluginsamazon-linux-ami-2-upgrade-cni-plugins-debuginfoamazon-linux-ami-2-upgrade-containerdamazon-linux-ami-2-upgrade-containerd-debuginfoamazon-linux-ami-2-upgrade-containerd-stressamazon-linux-ami-2-upgrade-cri-toolsamazon-linux-ami-2-upgrade-cri-tools-debuginfoamazon-linux-ami-2-upgrade-dockeramazon-linux-ami-2-upgrade-docker-debuginfoamazon-linux-ami-2-upgrade-golangamazon-linux-ami-2-upgrade-golang-binamazon-linux-ami-2-upgrade-golang-docsamazon-linux-ami-2-upgrade-golang-miscamazon-linux-ami-2-upgrade-golang-raceamazon-linux-ami-2-upgrade-golang-sharedamazon-linux-ami-2-upgrade-golang-srcamazon-linux-ami-2-upgrade-golang-testsamazon-linux-ami-2-upgrade-nerdctlamazon-linux-ami-2-upgrade-nerdctl-debuginfoamazon-linux-ami-2-upgrade-rcloneamazon-linux-ami-2-upgrade-rclone-debuginfo

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today