vulnerability
Red Hat OpenShift: CVE-2022-24921: golang: regexp: stack exhaustion via a deeply nested expression
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | 2022-03-05 | 2022-08-02 | 2025-04-11 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
2022-03-05
Added
2022-08-02
Modified
2025-04-11
Description
regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.
Solution(s)
linuxrpm-upgrade-butanelinuxrpm-upgrade-cri-olinuxrpm-upgrade-cri-toolslinuxrpm-upgrade-ignitionlinuxrpm-upgrade-openshift-clients
References
- CVE-2022-24921
- https://attackerkb.com/topics/CVE-2022-24921
- REDHAT-RHSA-2022:5068
- REDHAT-RHSA-2022:5337
- REDHAT-RHSA-2022:5415
- REDHAT-RHSA-2022:5729
- REDHAT-RHSA-2022:5730
- REDHAT-RHSA-2022:5799
- REDHAT-RHSA-2022:6040
- REDHAT-RHSA-2022:6042
- REDHAT-RHSA-2022:6156
- REDHAT-RHSA-2022:6277
- REDHAT-RHSA-2022:6526
- REDHAT-RHSA-2022:6714
- REDHAT-RHSA-2022:8750
- REDHAT-RHSA-2023:0407

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.