Lucene search
Alpine Linux Development TeamALPINE:CVE-2022-41723HistoryFeb 28, 2023 - 6:15 p.m.
CVE-2022-41723
2023-02-2818:15:09
Alpine Linux Development Team
security.alpinelinux.org
45
http/2 stream
denial of service
hpack decoder
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.8
Confidence
High
EPSS
0.03
Percentile
91.0%
A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-community | noarch | go | < 1.20.1-r0 | UNKNOWN |
| Alpine | edge-community | noarch | podman | < 4.4.3-r0 | UNKNOWN |
| Alpine | 3.17-community | noarch | go | < 1.19.6-r0 | UNKNOWN |
| Alpine | 3.18-community | noarch | go | < 1.20.1-r0 | UNKNOWN |
| Alpine | 3.18-community | noarch | podman | < 4.4.3-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | go | < 1.20.1-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | podman | < 4.4.3-r0 | UNKNOWN |
| Alpine | 3.20-community | noarch | go | < 1.20.1-r0 | UNKNOWN |
| Alpine | 3.20-community | noarch | podman | < 4.4.3-r0 | UNKNOWN |
Related
osv
osv
CGA-257w-7x5j-2xv6
2024-06-06 12:20:37
CGA-27f6-f37p-vhpx
2024-06-06 12:18:03
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
2023-02-16 22:31:36
debiancve
debiancve
CVE-2022-41723
2023-02-28 18:15:09
ubuntucve
ubuntucve
CVE-2022-41723
2023-02-28 00:00:00
CVE-2024-4436
2024-05-08 00:00:00
redhatcve
redhatcve
CVE-2022-41723
2023-03-14 23:43:00
CVE-2024-4436
2024-05-06 17:25:37
nessus
nessus
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2023-142)
2023-03-23 00:00:00
Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2023-337)
2023-09-08 00:00:00
Amazon Linux AMI : docker (ALAS-2023-1881)
2023-11-03 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: golang-github-cenkalti-backoff-4.2.0-2.fc37
2023-04-20 02:54:37
[SECURITY] Fedora 37 Update: golang-github-cli-crypto-0-0.2.20230331git6be313f.fc37
2023-04-20 02:54:37
[SECURITY] Fedora 37 Update: doctl-1.93.1-2.fc37
2023-04-22 00:55:39
ibm
ibm
cbl_mariner
cbl_mariner
CVE-2022-41723 affecting package telegraf for versions less than 1.26.0-2
2023-04-16 01:05:11
CVE-2022-41723 affecting package kubevirt for versions less than 1.2.0-1
2024-04-17 22:02:46
CVE-2022-41723 affecting package golang for versions less than 1.19.6-1
2024-02-25 03:00:06
redos
redos
ROS-20231030-04
2023-10-30 00:00:00
openvas
openvas
cve
cve
CVE-2022-41723
2023-02-28 18:15:09
CVE-2024-4436
2024-05-08 09:15:09
prion
prion
Code injection
2023-02-28 18:15:00
nvd
nvd
CVE-2022-41723
2023-02-28 18:15:09
CVE-2024-4436
2024-05-08 09:15:09
veracode
veracode
Denial Of Service (DoS)
2023-02-26 12:22:40
Denial Of Service (DoS)
2023-02-18 18:10:53
cvelist
cvelist
gitlab
gitlab
Uncontrolled Resource Consumption
2023-02-17 00:00:00
wolfi
wolfi
CVE-2022-41723 vulnerabilities
2024-09-30 03:53:08
amazon
amazon
Important: cni-plugins
2023-08-03 18:10:00
Important: rclone
2023-07-17 17:40:00
Important: docker
2023-10-30 23:31:00
redhat
redhat
cgr
cgr
CVE-2022-41723 vulnerabilities
2024-05-19 03:07:16
github
github
golang.org/x/net vulnerable to Uncontrolled Resource Consumption
2023-02-17 14:00:02
vulnrichment
vulnrichment
CVE-2024-4436 Etcd: incomplete fix for cve-2022-41723 in openstack platform
2024-05-08 08:57:12
altlinux
altlinux
Security fix for the ALT Linux 10 package golang version 1.19.6-alt1
2023-02-22 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.8
Confidence
High
EPSS
0.03
Percentile
91.0%
Related for ALPINE:CVE-2022-41723