vulnerability
Red Hat OpenShift: CVE-2022-32189: golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | 2022-08-10 | 2022-11-25 | 2025-04-11 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
2022-08-10
Added
2022-11-25
Modified
2025-04-11
Description
A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service.
Solution(s)
linuxrpm-upgrade-butanelinuxrpm-upgrade-cri-olinuxrpm-upgrade-cri-toolslinuxrpm-upgrade-ignition
References
- CVE-2022-32189
- https://attackerkb.com/topics/CVE-2022-32189
- REDHAT-RHSA-2022:7129
- REDHAT-RHSA-2022:7398
- REDHAT-RHSA-2022:7548
- REDHAT-RHSA-2022:7950
- REDHAT-RHSA-2022:8534
- REDHAT-RHSA-2022:8535
- REDHAT-RHSA-2022:8626
- REDHAT-RHSA-2022:8781
- REDHAT-RHSA-2023:0328
- REDHAT-RHSA-2023:0446
- REDHAT-RHSA-2023:0542
- REDHAT-RHSA-2023:0584
- REDHAT-RHSA-2023:0693
- REDHAT-RHSA-2023:1275
- REDHAT-RHSA-2023:1529
- REDHAT-RHSA-2023:2193
- REDHAT-RHSA-2023:2236
- REDHAT-RHSA-2023:2357
- REDHAT-RHSA-2023:2758
- REDHAT-RHSA-2023:2802
- REDHAT-RHSA-2023:3204
- REDHAT-RHSA-2023:3205
- REDHAT-RHSA-2023:3642
- REDHAT-RHSA-2023:3742
- REDHAT-RHSA-2024:2944
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.