Red Hat OpenShift: CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header
4
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
08/10/2022
11/30/2022
11/29/2022
11/28/2023
Description
Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid.
Solution(s)
- linuxrpm-upgrade-butane
- linuxrpm-upgrade-ignition
- linuxrpm-upgrade-libsodium
- linuxrpm-upgrade-openstack-ironic
- linuxrpm-upgrade-openstack-ironic-inspector
- linuxrpm-upgrade-openstack-ironic-python-agent
- linuxrpm-upgrade-pyparsing
- linuxrpm-upgrade-pysnmp
- linuxrpm-upgrade-python-alembic
- linuxrpm-upgrade-python-amqp
- linuxrpm-upgrade-python-appdirs
- linuxrpm-upgrade-python-automaton
- linuxrpm-upgrade-python-bcrypt
- linuxrpm-upgrade-python-beautifulsoup4
- linuxrpm-upgrade-python-cachetools
- linuxrpm-upgrade-python-cinderclient
- linuxrpm-upgrade-python-cliff
- linuxrpm-upgrade-python-colorama
- linuxrpm-upgrade-python-construct
- linuxrpm-upgrade-python-dataclasses
- linuxrpm-upgrade-python-debtcollector
- linuxrpm-upgrade-python-decorator
- linuxrpm-upgrade-python-dogpile-cache
- linuxrpm-upgrade-python-dracclient
- linuxrpm-upgrade-python-editor
- linuxrpm-upgrade-python-fasteners
- linuxrpm-upgrade-python-flask
- linuxrpm-upgrade-python-funcsigs
- linuxrpm-upgrade-python-futurist
- linuxrpm-upgrade-python-glanceclient
- linuxrpm-upgrade-python-greenlet
- linuxrpm-upgrade-python-hardware
- linuxrpm-upgrade-python-ifaddr
- linuxrpm-upgrade-python-importlib-metadata
- linuxrpm-upgrade-python-ironic-lib
- linuxrpm-upgrade-python-ironic-prometheus-exporter
- linuxrpm-upgrade-python-iso8601
- linuxrpm-upgrade-python-jsonpath-rw
- linuxrpm-upgrade-python-jsonschema
- linuxrpm-upgrade-python-kazoo
- linuxrpm-upgrade-python-keyring
- linuxrpm-upgrade-python-keystoneauth1
- linuxrpm-upgrade-python-keystoneclient
- linuxrpm-upgrade-python-keystonemiddleware
- linuxrpm-upgrade-python-kombu
- linuxrpm-upgrade-python-logutils
- linuxrpm-upgrade-python-memcached
- linuxrpm-upgrade-python-migrate
- linuxrpm-upgrade-python-msgpack
- linuxrpm-upgrade-python-munch
- linuxrpm-upgrade-python-openstacksdk
- linuxrpm-upgrade-python-os-service-types
- linuxrpm-upgrade-python-os-traits
- linuxrpm-upgrade-python-osc-lib
- linuxrpm-upgrade-python-oslo-cache
- linuxrpm-upgrade-python-oslo-concurrency
- linuxrpm-upgrade-python-oslo-config
- linuxrpm-upgrade-python-oslo-context
- linuxrpm-upgrade-python-oslo-db
- linuxrpm-upgrade-python-oslo-i18n
- linuxrpm-upgrade-python-oslo-log
- linuxrpm-upgrade-python-oslo-messaging
- linuxrpm-upgrade-python-oslo-metrics
- linuxrpm-upgrade-python-oslo-middleware
- linuxrpm-upgrade-python-oslo-policy
- linuxrpm-upgrade-python-oslo-rootwrap
- linuxrpm-upgrade-python-oslo-serialization
- linuxrpm-upgrade-python-oslo-service
- linuxrpm-upgrade-python-oslo-upgradecheck
- linuxrpm-upgrade-python-oslo-utils
- linuxrpm-upgrade-python-oslo-versionedobjects
- linuxrpm-upgrade-python-osprofiler
- linuxrpm-upgrade-python-packaging
- linuxrpm-upgrade-python-paste
- linuxrpm-upgrade-python-paste-deploy
- linuxrpm-upgrade-python-pbr
- linuxrpm-upgrade-python-pecan
- linuxrpm-upgrade-python-pexpect
- linuxrpm-upgrade-python-pint
- linuxrpm-upgrade-python-proliantutils
- linuxrpm-upgrade-python-prometheus_client
- linuxrpm-upgrade-python-pycadf
- linuxrpm-upgrade-python-pycdlib
- linuxrpm-upgrade-python-pynacl
- linuxrpm-upgrade-python-pyperclip
- linuxrpm-upgrade-python-pyrsistent
- linuxrpm-upgrade-python-redis
- linuxrpm-upgrade-python-repoze-lru
- linuxrpm-upgrade-python-requestsexceptions
- linuxrpm-upgrade-python-retrying
- linuxrpm-upgrade-python-rfc3986
- linuxrpm-upgrade-python-routes
- linuxrpm-upgrade-python-scciclient
- linuxrpm-upgrade-python-secretstorage
- linuxrpm-upgrade-python-simplegeneric
- linuxrpm-upgrade-python-simplejson
- linuxrpm-upgrade-python-singledispatch
- linuxrpm-upgrade-python-six
- linuxrpm-upgrade-python-soupsieve
- linuxrpm-upgrade-python-sqlparse
- linuxrpm-upgrade-python-statsd
- linuxrpm-upgrade-python-stevedore
- linuxrpm-upgrade-python-sushy
- linuxrpm-upgrade-python-sushy-oem-idrac
- linuxrpm-upgrade-python-swiftclient
- linuxrpm-upgrade-python-tempita
- linuxrpm-upgrade-python-tenacity
- linuxrpm-upgrade-python-tooz
- linuxrpm-upgrade-python-vine
- linuxrpm-upgrade-python-voluptuous
- linuxrpm-upgrade-python-waitress
- linuxrpm-upgrade-python-warlock
- linuxrpm-upgrade-python-wcwidth
- linuxrpm-upgrade-python-webob
- linuxrpm-upgrade-python-webtest
- linuxrpm-upgrade-python-werkzeug
- linuxrpm-upgrade-python-wrapt
- linuxrpm-upgrade-python-wsme
- linuxrpm-upgrade-python-yappi
- linuxrpm-upgrade-python-zake
- linuxrpm-upgrade-python-zeroconf
- linuxrpm-upgrade-python-zipp
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center