vulnerability
Red Hat OpenShift: CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:N/C:P/I:P/A:N) | Aug 10, 2022 | Nov 29, 2022 | Apr 11, 2025 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:N)
Published
Aug 10, 2022
Added
Nov 29, 2022
Modified
Apr 11, 2025
Description
Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid.
Solution(s)
linuxrpm-upgrade-butanelinuxrpm-upgrade-ignitionlinuxrpm-upgrade-libsodiumlinuxrpm-upgrade-openstack-ironiclinuxrpm-upgrade-openstack-ironic-inspectorlinuxrpm-upgrade-openstack-ironic-python-agentlinuxrpm-upgrade-pyparsinglinuxrpm-upgrade-pysnmplinuxrpm-upgrade-python-alembiclinuxrpm-upgrade-python-amqplinuxrpm-upgrade-python-appdirslinuxrpm-upgrade-python-automatonlinuxrpm-upgrade-python-bcryptlinuxrpm-upgrade-python-beautifulsoup4linuxrpm-upgrade-python-cachetoolslinuxrpm-upgrade-python-cinderclientlinuxrpm-upgrade-python-clifflinuxrpm-upgrade-python-coloramalinuxrpm-upgrade-python-constructlinuxrpm-upgrade-python-dataclasseslinuxrpm-upgrade-python-debtcollectorlinuxrpm-upgrade-python-decoratorlinuxrpm-upgrade-python-dogpile-cachelinuxrpm-upgrade-python-dracclientlinuxrpm-upgrade-python-editorlinuxrpm-upgrade-python-fastenerslinuxrpm-upgrade-python-flasklinuxrpm-upgrade-python-funcsigslinuxrpm-upgrade-python-futuristlinuxrpm-upgrade-python-glanceclientlinuxrpm-upgrade-python-greenletlinuxrpm-upgrade-python-hardwarelinuxrpm-upgrade-python-ifaddrlinuxrpm-upgrade-python-importlib-metadatalinuxrpm-upgrade-python-ironic-liblinuxrpm-upgrade-python-ironic-prometheus-exporterlinuxrpm-upgrade-python-iso8601linuxrpm-upgrade-python-jsonpath-rwlinuxrpm-upgrade-python-jsonschemalinuxrpm-upgrade-python-kazoolinuxrpm-upgrade-python-keyringlinuxrpm-upgrade-python-keystoneauth1linuxrpm-upgrade-python-keystoneclientlinuxrpm-upgrade-python-keystonemiddlewarelinuxrpm-upgrade-python-kombulinuxrpm-upgrade-python-logutilslinuxrpm-upgrade-python-memcachedlinuxrpm-upgrade-python-migratelinuxrpm-upgrade-python-msgpacklinuxrpm-upgrade-python-munchlinuxrpm-upgrade-python-openstacksdklinuxrpm-upgrade-python-os-service-typeslinuxrpm-upgrade-python-os-traitslinuxrpm-upgrade-python-osc-liblinuxrpm-upgrade-python-oslo-cachelinuxrpm-upgrade-python-oslo-concurrencylinuxrpm-upgrade-python-oslo-configlinuxrpm-upgrade-python-oslo-contextlinuxrpm-upgrade-python-oslo-dblinuxrpm-upgrade-python-oslo-i18nlinuxrpm-upgrade-python-oslo-loglinuxrpm-upgrade-python-oslo-messaginglinuxrpm-upgrade-python-oslo-metricslinuxrpm-upgrade-python-oslo-middlewarelinuxrpm-upgrade-python-oslo-policylinuxrpm-upgrade-python-oslo-rootwraplinuxrpm-upgrade-python-oslo-serializationlinuxrpm-upgrade-python-oslo-servicelinuxrpm-upgrade-python-oslo-upgradechecklinuxrpm-upgrade-python-oslo-utilslinuxrpm-upgrade-python-oslo-versionedobjectslinuxrpm-upgrade-python-osprofilerlinuxrpm-upgrade-python-packaginglinuxrpm-upgrade-python-pastelinuxrpm-upgrade-python-paste-deploylinuxrpm-upgrade-python-pbrlinuxrpm-upgrade-python-pecanlinuxrpm-upgrade-python-pexpectlinuxrpm-upgrade-python-pintlinuxrpm-upgrade-python-proliantutilslinuxrpm-upgrade-python-prometheus_clientlinuxrpm-upgrade-python-pycadflinuxrpm-upgrade-python-pycdliblinuxrpm-upgrade-python-pynacllinuxrpm-upgrade-python-pypercliplinuxrpm-upgrade-python-pyrsistentlinuxrpm-upgrade-python-redislinuxrpm-upgrade-python-repoze-lrulinuxrpm-upgrade-python-requestsexceptionslinuxrpm-upgrade-python-retryinglinuxrpm-upgrade-python-rfc3986linuxrpm-upgrade-python-routeslinuxrpm-upgrade-python-scciclientlinuxrpm-upgrade-python-secretstoragelinuxrpm-upgrade-python-simplegenericlinuxrpm-upgrade-python-simplejsonlinuxrpm-upgrade-python-singledispatchlinuxrpm-upgrade-python-sixlinuxrpm-upgrade-python-soupsievelinuxrpm-upgrade-python-sqlparselinuxrpm-upgrade-python-statsdlinuxrpm-upgrade-python-stevedorelinuxrpm-upgrade-python-sushylinuxrpm-upgrade-python-sushy-oem-idraclinuxrpm-upgrade-python-swiftclientlinuxrpm-upgrade-python-tempitalinuxrpm-upgrade-python-tenacitylinuxrpm-upgrade-python-toozlinuxrpm-upgrade-python-vinelinuxrpm-upgrade-python-voluptuouslinuxrpm-upgrade-python-waitresslinuxrpm-upgrade-python-warlocklinuxrpm-upgrade-python-wcwidthlinuxrpm-upgrade-python-weboblinuxrpm-upgrade-python-webtestlinuxrpm-upgrade-python-werkzeuglinuxrpm-upgrade-python-wraptlinuxrpm-upgrade-python-wsmelinuxrpm-upgrade-python-yappilinuxrpm-upgrade-python-zakelinuxrpm-upgrade-python-zeroconflinuxrpm-upgrade-python-zipp
References
- CVE-2022-1705
- https://attackerkb.com/topics/CVE-2022-1705
- REDHAT-RHSA-2022:5068
- REDHAT-RHSA-2022:5775
- REDHAT-RHSA-2022:5799
- REDHAT-RHSA-2022:5866
- REDHAT-RHSA-2022:6040
- REDHAT-RHSA-2022:6042
- REDHAT-RHSA-2022:6113
- REDHAT-RHSA-2022:6152
- REDHAT-RHSA-2022:6183
- REDHAT-RHSA-2022:6187
- REDHAT-RHSA-2022:6188
- REDHAT-RHSA-2022:6283
- REDHAT-RHSA-2022:6344
- REDHAT-RHSA-2022:6345
- REDHAT-RHSA-2022:6346
- REDHAT-RHSA-2022:6347
- REDHAT-RHSA-2022:6348
- REDHAT-RHSA-2022:6370
- REDHAT-RHSA-2022:6430
- REDHAT-RHSA-2022:7129
- REDHAT-RHSA-2022:7398
- REDHAT-RHSA-2022:7399
- REDHAT-RHSA-2022:7519
- REDHAT-RHSA-2022:7529
- REDHAT-RHSA-2022:7648
- REDHAT-RHSA-2022:8057
- REDHAT-RHSA-2022:8098
- REDHAT-RHSA-2022:8250
- REDHAT-RHSA-2022:8626
- REDHAT-RHSA-2022:9047
- REDHAT-RHSA-2023:0407
- REDHAT-RHSA-2023:0408
- REDHAT-RHSA-2023:1042
- REDHAT-RHSA-2023:1275
- REDHAT-RHSA-2023:1529
- REDHAT-RHSA-2023:2357
- REDHAT-RHSA-2023:2758
- REDHAT-RHSA-2023:2802
- REDHAT-RHSA-2023:3642
- REDHAT-RHSA-2023:3664
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.