rhsa-2024_1433
Vulnerability from csaf_redhat
Published
2024-03-20 00:40
Modified
2024-12-10 18:04
Summary
Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update
Notes
Topic
Migration Toolkit for Applications 7.0.2 release
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Migration Toolkit for Applications 7.0.2 Images
Security Fix(es) from Bugzilla:
* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Migration Toolkit for Applications 7.0.2 release\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Migration Toolkit for Applications 7.0.2 Images\n\nSecurity Fix(es) from Bugzilla:\n\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:1433", "url": "https://access.redhat.com/errata/RHSA-2024:1433" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2107376", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376" }, { "category": "external", "summary": "MTA-1255", "url": "https://issues.redhat.com/browse/MTA-1255" }, { "category": "external", "summary": "MTA-1468", "url": "https://issues.redhat.com/browse/MTA-1468" }, { "category": "external", "summary": "MTA-1648", "url": "https://issues.redhat.com/browse/MTA-1648" }, { "category": "external", "summary": "MTA-1721", "url": "https://issues.redhat.com/browse/MTA-1721" }, { "category": "external", "summary": "MTA-1726", "url": "https://issues.redhat.com/browse/MTA-1726" }, { "category": "external", "summary": "MTA-1785", "url": "https://issues.redhat.com/browse/MTA-1785" }, { "category": "external", "summary": "MTA-1790", "url": "https://issues.redhat.com/browse/MTA-1790" }, { "category": "external", "summary": "MTA-1845", "url": "https://issues.redhat.com/browse/MTA-1845" }, { "category": "external", "summary": "MTA-1868", "url": "https://issues.redhat.com/browse/MTA-1868" }, { "category": "external", "summary": "MTA-1872", "url": "https://issues.redhat.com/browse/MTA-1872" }, { "category": "external", "summary": "MTA-1880", "url": "https://issues.redhat.com/browse/MTA-1880" }, { "category": "external", "summary": "MTA-1888", "url": "https://issues.redhat.com/browse/MTA-1888" }, { "category": "external", "summary": "MTA-1955", "url": "https://issues.redhat.com/browse/MTA-1955" }, { "category": "external", "summary": "MTA-1956", "url": "https://issues.redhat.com/browse/MTA-1956" }, { "category": "external", "summary": "MTA-1958", "url": "https://issues.redhat.com/browse/MTA-1958" }, { "category": "external", "summary": "MTA-1963", "url": "https://issues.redhat.com/browse/MTA-1963" }, { "category": "external", "summary": "MTA-1964", "url": "https://issues.redhat.com/browse/MTA-1964" }, { "category": "external", "summary": "MTA-1965", "url": "https://issues.redhat.com/browse/MTA-1965" }, { "category": "external", "summary": "MTA-1967", "url": "https://issues.redhat.com/browse/MTA-1967" }, { "category": "external", "summary": "MTA-1972", "url": "https://issues.redhat.com/browse/MTA-1972" }, { "category": "external", "summary": "MTA-1973", "url": "https://issues.redhat.com/browse/MTA-1973" }, { "category": "external", "summary": "MTA-2004", "url": "https://issues.redhat.com/browse/MTA-2004" }, { "category": "external", "summary": "MTA-2007", "url": "https://issues.redhat.com/browse/MTA-2007" }, { "category": "external", "summary": "MTA-2008", "url": "https://issues.redhat.com/browse/MTA-2008" }, { "category": "external", "summary": "MTA-2018", "url": "https://issues.redhat.com/browse/MTA-2018" }, { "category": "external", "summary": "MTA-2020", "url": "https://issues.redhat.com/browse/MTA-2020" }, { "category": "external", "summary": "MTA-2041", "url": "https://issues.redhat.com/browse/MTA-2041" }, { "category": "external", "summary": "MTA-2043", "url": "https://issues.redhat.com/browse/MTA-2043" }, { "category": "external", "summary": "MTA-2046", "url": "https://issues.redhat.com/browse/MTA-2046" }, { "category": "external", "summary": "MTA-2047", "url": "https://issues.redhat.com/browse/MTA-2047" }, { "category": "external", "summary": "MTA-2056", "url": "https://issues.redhat.com/browse/MTA-2056" }, { "category": "external", "summary": "MTA-2064", "url": "https://issues.redhat.com/browse/MTA-2064" }, { "category": "external", "summary": "MTA-2067", "url": "https://issues.redhat.com/browse/MTA-2067" }, { "category": "external", "summary": "MTA-2087", "url": "https://issues.redhat.com/browse/MTA-2087" }, { "category": "external", "summary": "MTA-2093", "url": "https://issues.redhat.com/browse/MTA-2093" }, { "category": "external", "summary": "MTA-2099", "url": "https://issues.redhat.com/browse/MTA-2099" }, { "category": "external", "summary": "MTA-2101", "url": "https://issues.redhat.com/browse/MTA-2101" }, { "category": "external", "summary": "MTA-2160", "url": "https://issues.redhat.com/browse/MTA-2160" }, { "category": "external", "summary": "MTA-2201", "url": "https://issues.redhat.com/browse/MTA-2201" }, { "category": "external", "summary": "MTA-2246", "url": "https://issues.redhat.com/browse/MTA-2246" }, { "category": "external", "summary": "MTA-2260", "url": "https://issues.redhat.com/browse/MTA-2260" }, { "category": "external", "summary": "MTA-2283", "url": "https://issues.redhat.com/browse/MTA-2283" }, { "category": "external", "summary": "MTA-2296", "url": "https://issues.redhat.com/browse/MTA-2296" }, { "category": "external", "summary": "MTA-2320", "url": "https://issues.redhat.com/browse/MTA-2320" }, { "category": "external", "summary": "MTA-2322", "url": "https://issues.redhat.com/browse/MTA-2322" }, { "category": "external", "summary": "MTA-2332", "url": "https://issues.redhat.com/browse/MTA-2332" }, { "category": "external", "summary": "MTA-2343", "url": "https://issues.redhat.com/browse/MTA-2343" }, { "category": "external", "summary": "MTA-2346", "url": "https://issues.redhat.com/browse/MTA-2346" }, { "category": "external", "summary": "MTA-2351", "url": "https://issues.redhat.com/browse/MTA-2351" }, { "category": "external", "summary": "MTA-2354", "url": "https://issues.redhat.com/browse/MTA-2354" }, { "category": "external", "summary": "MTA-2359", "url": "https://issues.redhat.com/browse/MTA-2359" }, { "category": "external", "summary": "MTA-467", "url": "https://issues.redhat.com/browse/MTA-467" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1433.json" } ], "title": "Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update", "tracking": { "current_release_date": "2024-12-10T18:04:32+00:00", "generator": { "date": "2024-12-10T18:04:32+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:1433", "initial_release_date": "2024-03-20T00:40:07+00:00", "revision_history": [ { "date": "2024-03-20T00:40:07+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-03-20T00:40:07+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-10T18:04:32+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "MTA 7.0 for RHEL 9", "product": { "name": "MTA 7.0 for RHEL 9", "product_id": "9Base-MTA-7.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:migration_toolkit_applications:7.0::el9" } } }, { "category": "product_name", "name": "MTA 7.0 for RHEL 8", "product": { "name": "MTA 7.0 for RHEL 8", "product_id": "8Base-MTA-7.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:migration_toolkit_applications:7.0::el8" } } } ], "category": "product_family", "name": "Migration Toolkit for Applications" }, { "branches": [ { "category": "product_version", "name": "mta/mta-analyzer-addon-rhel9@sha256:9b3bd8a8bc45ebb2ebfbd13cd571bd52d5d210b82e760ef8ca49d597709d7f83_amd64", "product": { "name": "mta/mta-analyzer-addon-rhel9@sha256:9b3bd8a8bc45ebb2ebfbd13cd571bd52d5d210b82e760ef8ca49d597709d7f83_amd64", "product_id": "mta/mta-analyzer-addon-rhel9@sha256:9b3bd8a8bc45ebb2ebfbd13cd571bd52d5d210b82e760ef8ca49d597709d7f83_amd64", "product_identification_helper": { "purl": "pkg:oci/mta-analyzer-addon-rhel9@sha256:9b3bd8a8bc45ebb2ebfbd13cd571bd52d5d210b82e760ef8ca49d597709d7f83?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-analyzer-addon-rhel9\u0026tag=7.0.2-10" } } }, { "category": "product_version", "name": "mta/mta-analyzer-lsp-rhel9@sha256:e318451c6efa1559657e9fe928087ff8fea30478d64f4cb75c5919c5279ebba1_amd64", "product": { "name": "mta/mta-analyzer-lsp-rhel9@sha256:e318451c6efa1559657e9fe928087ff8fea30478d64f4cb75c5919c5279ebba1_amd64", "product_id": "mta/mta-analyzer-lsp-rhel9@sha256:e318451c6efa1559657e9fe928087ff8fea30478d64f4cb75c5919c5279ebba1_amd64", "product_identification_helper": { "purl": "pkg:oci/mta-analyzer-lsp-rhel9@sha256:e318451c6efa1559657e9fe928087ff8fea30478d64f4cb75c5919c5279ebba1?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-analyzer-lsp-rhel9\u0026tag=7.0.2-9" } } }, { "category": "product_version", "name": "mta/mta-cli-rhel9@sha256:afc5c7e7d8cd563a47a6475eb9c23e31553eeeaa0709407a8cd1e7492657ea08_amd64", "product": { "name": "mta/mta-cli-rhel9@sha256:afc5c7e7d8cd563a47a6475eb9c23e31553eeeaa0709407a8cd1e7492657ea08_amd64", "product_id": "mta/mta-cli-rhel9@sha256:afc5c7e7d8cd563a47a6475eb9c23e31553eeeaa0709407a8cd1e7492657ea08_amd64", "product_identification_helper": { "purl": "pkg:oci/mta-cli-rhel9@sha256:afc5c7e7d8cd563a47a6475eb9c23e31553eeeaa0709407a8cd1e7492657ea08?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-cli-rhel9\u0026tag=7.0.2-13" } } }, { "category": "product_version", "name": "mta/mta-hub-rhel9@sha256:5690f54c7dde45d95b407c0f1393a8e01e6f8e5512a2595ef8effe74b19a6d4a_amd64", "product": { "name": "mta/mta-hub-rhel9@sha256:5690f54c7dde45d95b407c0f1393a8e01e6f8e5512a2595ef8effe74b19a6d4a_amd64", "product_id": "mta/mta-hub-rhel9@sha256:5690f54c7dde45d95b407c0f1393a8e01e6f8e5512a2595ef8effe74b19a6d4a_amd64", "product_identification_helper": { "purl": "pkg:oci/mta-hub-rhel9@sha256:5690f54c7dde45d95b407c0f1393a8e01e6f8e5512a2595ef8effe74b19a6d4a?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-hub-rhel9\u0026tag=7.0.2-9" } } }, { "category": "product_version", "name": "mta/mta-operator-bundle@sha256:b8c09648ffba53778128e145ab66b347f68e7960eaa345830363313f9d564d88_amd64", "product": { "name": "mta/mta-operator-bundle@sha256:b8c09648ffba53778128e145ab66b347f68e7960eaa345830363313f9d564d88_amd64", "product_id": "mta/mta-operator-bundle@sha256:b8c09648ffba53778128e145ab66b347f68e7960eaa345830363313f9d564d88_amd64", "product_identification_helper": { "purl": "pkg:oci/mta-operator-bundle@sha256:b8c09648ffba53778128e145ab66b347f68e7960eaa345830363313f9d564d88?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-operator-bundle\u0026tag=7.0.2-28" } } }, { "category": "product_version", "name": "mta/mta-rhel8-operator@sha256:cc32dfeeb33b7e2d2a63098b2c1c09999a955b69349cbe3e3902fc1101d176a0_amd64", "product": { "name": "mta/mta-rhel8-operator@sha256:cc32dfeeb33b7e2d2a63098b2c1c09999a955b69349cbe3e3902fc1101d176a0_amd64", "product_id": "mta/mta-rhel8-operator@sha256:cc32dfeeb33b7e2d2a63098b2c1c09999a955b69349cbe3e3902fc1101d176a0_amd64", "product_identification_helper": { "purl": "pkg:oci/mta-rhel8-operator@sha256:cc32dfeeb33b7e2d2a63098b2c1c09999a955b69349cbe3e3902fc1101d176a0?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-rhel8-operator\u0026tag=7.0.2-6" } } }, { "category": "product_version", "name": "mta/mta-ui-rhel9@sha256:06c7b18081e2285b29082e26bd013a8d8d464a7641dd8d285e4909ca86514fde_amd64", "product": { "name": "mta/mta-ui-rhel9@sha256:06c7b18081e2285b29082e26bd013a8d8d464a7641dd8d285e4909ca86514fde_amd64", "product_id": "mta/mta-ui-rhel9@sha256:06c7b18081e2285b29082e26bd013a8d8d464a7641dd8d285e4909ca86514fde_amd64", "product_identification_helper": { "purl": "pkg:oci/mta-ui-rhel9@sha256:06c7b18081e2285b29082e26bd013a8d8d464a7641dd8d285e4909ca86514fde?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-ui-rhel9\u0026tag=7.0.2-12" } } }, { "category": "product_version", "name": "mta/mta-windup-shim-rhel9@sha256:4a35cbbe8c24232c138460ff50d1076392136ddedb7111c26ab2b074ad4017a7_amd64", "product": { "name": "mta/mta-windup-shim-rhel9@sha256:4a35cbbe8c24232c138460ff50d1076392136ddedb7111c26ab2b074ad4017a7_amd64", "product_id": "mta/mta-windup-shim-rhel9@sha256:4a35cbbe8c24232c138460ff50d1076392136ddedb7111c26ab2b074ad4017a7_amd64", "product_identification_helper": { "purl": "pkg:oci/mta-windup-shim-rhel9@sha256:4a35cbbe8c24232c138460ff50d1076392136ddedb7111c26ab2b074ad4017a7?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-windup-shim-rhel9\u0026tag=7.0.2-10" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "mta/mta-analyzer-lsp-rhel9@sha256:b0a3d36ec379c6c796d18e31b238f2112a3a6ab31f68798c36fb3b588477c451_arm64", "product": { "name": "mta/mta-analyzer-lsp-rhel9@sha256:b0a3d36ec379c6c796d18e31b238f2112a3a6ab31f68798c36fb3b588477c451_arm64", "product_id": "mta/mta-analyzer-lsp-rhel9@sha256:b0a3d36ec379c6c796d18e31b238f2112a3a6ab31f68798c36fb3b588477c451_arm64", "product_identification_helper": { "purl": "pkg:oci/mta-analyzer-lsp-rhel9@sha256:b0a3d36ec379c6c796d18e31b238f2112a3a6ab31f68798c36fb3b588477c451?arch=arm64\u0026repository_url=registry.redhat.io/mta/mta-analyzer-lsp-rhel9\u0026tag=7.0.2-9" } } }, { "category": "product_version", "name": "mta/mta-cli-rhel9@sha256:d7e65ce9ab3b1d91205a2edbb4293cb8362a323b650a3daf7caf9103ae258812_arm64", "product": { "name": "mta/mta-cli-rhel9@sha256:d7e65ce9ab3b1d91205a2edbb4293cb8362a323b650a3daf7caf9103ae258812_arm64", "product_id": "mta/mta-cli-rhel9@sha256:d7e65ce9ab3b1d91205a2edbb4293cb8362a323b650a3daf7caf9103ae258812_arm64", "product_identification_helper": { "purl": "pkg:oci/mta-cli-rhel9@sha256:d7e65ce9ab3b1d91205a2edbb4293cb8362a323b650a3daf7caf9103ae258812?arch=arm64\u0026repository_url=registry.redhat.io/mta/mta-cli-rhel9\u0026tag=7.0.2-13" } } }, { "category": "product_version", "name": "mta/mta-windup-shim-rhel9@sha256:3322ff5bdd8d9422567b37888cfe132d48455503e62a38953d5b318d80a02c91_arm64", "product": { "name": "mta/mta-windup-shim-rhel9@sha256:3322ff5bdd8d9422567b37888cfe132d48455503e62a38953d5b318d80a02c91_arm64", "product_id": "mta/mta-windup-shim-rhel9@sha256:3322ff5bdd8d9422567b37888cfe132d48455503e62a38953d5b318d80a02c91_arm64", "product_identification_helper": { "purl": "pkg:oci/mta-windup-shim-rhel9@sha256:3322ff5bdd8d9422567b37888cfe132d48455503e62a38953d5b318d80a02c91?arch=arm64\u0026repository_url=registry.redhat.io/mta/mta-windup-shim-rhel9\u0026tag=7.0.2-10" } } } ], "category": "architecture", "name": "arm64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "mta/mta-rhel8-operator@sha256:cc32dfeeb33b7e2d2a63098b2c1c09999a955b69349cbe3e3902fc1101d176a0_amd64 as a component of MTA 7.0 for RHEL 8", "product_id": "8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:cc32dfeeb33b7e2d2a63098b2c1c09999a955b69349cbe3e3902fc1101d176a0_amd64" }, "product_reference": "mta/mta-rhel8-operator@sha256:cc32dfeeb33b7e2d2a63098b2c1c09999a955b69349cbe3e3902fc1101d176a0_amd64", "relates_to_product_reference": "8Base-MTA-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-analyzer-addon-rhel9@sha256:9b3bd8a8bc45ebb2ebfbd13cd571bd52d5d210b82e760ef8ca49d597709d7f83_amd64 as a component of MTA 7.0 for RHEL 9", "product_id": "9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:9b3bd8a8bc45ebb2ebfbd13cd571bd52d5d210b82e760ef8ca49d597709d7f83_amd64" }, "product_reference": "mta/mta-analyzer-addon-rhel9@sha256:9b3bd8a8bc45ebb2ebfbd13cd571bd52d5d210b82e760ef8ca49d597709d7f83_amd64", "relates_to_product_reference": "9Base-MTA-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-analyzer-lsp-rhel9@sha256:b0a3d36ec379c6c796d18e31b238f2112a3a6ab31f68798c36fb3b588477c451_arm64 as a component of MTA 7.0 for RHEL 9", "product_id": "9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:b0a3d36ec379c6c796d18e31b238f2112a3a6ab31f68798c36fb3b588477c451_arm64" }, "product_reference": "mta/mta-analyzer-lsp-rhel9@sha256:b0a3d36ec379c6c796d18e31b238f2112a3a6ab31f68798c36fb3b588477c451_arm64", "relates_to_product_reference": "9Base-MTA-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-analyzer-lsp-rhel9@sha256:e318451c6efa1559657e9fe928087ff8fea30478d64f4cb75c5919c5279ebba1_amd64 as a component of MTA 7.0 for RHEL 9", "product_id": "9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:e318451c6efa1559657e9fe928087ff8fea30478d64f4cb75c5919c5279ebba1_amd64" }, "product_reference": "mta/mta-analyzer-lsp-rhel9@sha256:e318451c6efa1559657e9fe928087ff8fea30478d64f4cb75c5919c5279ebba1_amd64", "relates_to_product_reference": "9Base-MTA-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-cli-rhel9@sha256:afc5c7e7d8cd563a47a6475eb9c23e31553eeeaa0709407a8cd1e7492657ea08_amd64 as a component of MTA 7.0 for RHEL 9", "product_id": "9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:afc5c7e7d8cd563a47a6475eb9c23e31553eeeaa0709407a8cd1e7492657ea08_amd64" }, "product_reference": "mta/mta-cli-rhel9@sha256:afc5c7e7d8cd563a47a6475eb9c23e31553eeeaa0709407a8cd1e7492657ea08_amd64", "relates_to_product_reference": "9Base-MTA-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-cli-rhel9@sha256:d7e65ce9ab3b1d91205a2edbb4293cb8362a323b650a3daf7caf9103ae258812_arm64 as a component of MTA 7.0 for RHEL 9", "product_id": "9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:d7e65ce9ab3b1d91205a2edbb4293cb8362a323b650a3daf7caf9103ae258812_arm64" }, "product_reference": "mta/mta-cli-rhel9@sha256:d7e65ce9ab3b1d91205a2edbb4293cb8362a323b650a3daf7caf9103ae258812_arm64", "relates_to_product_reference": "9Base-MTA-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-hub-rhel9@sha256:5690f54c7dde45d95b407c0f1393a8e01e6f8e5512a2595ef8effe74b19a6d4a_amd64 as a component of MTA 7.0 for RHEL 9", "product_id": "9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:5690f54c7dde45d95b407c0f1393a8e01e6f8e5512a2595ef8effe74b19a6d4a_amd64" }, "product_reference": "mta/mta-hub-rhel9@sha256:5690f54c7dde45d95b407c0f1393a8e01e6f8e5512a2595ef8effe74b19a6d4a_amd64", "relates_to_product_reference": "9Base-MTA-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-operator-bundle@sha256:b8c09648ffba53778128e145ab66b347f68e7960eaa345830363313f9d564d88_amd64 as a component of MTA 7.0 for RHEL 9", "product_id": "9Base-MTA-7.0:mta/mta-operator-bundle@sha256:b8c09648ffba53778128e145ab66b347f68e7960eaa345830363313f9d564d88_amd64" }, "product_reference": "mta/mta-operator-bundle@sha256:b8c09648ffba53778128e145ab66b347f68e7960eaa345830363313f9d564d88_amd64", "relates_to_product_reference": "9Base-MTA-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-ui-rhel9@sha256:06c7b18081e2285b29082e26bd013a8d8d464a7641dd8d285e4909ca86514fde_amd64 as a component of MTA 7.0 for RHEL 9", "product_id": "9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:06c7b18081e2285b29082e26bd013a8d8d464a7641dd8d285e4909ca86514fde_amd64" }, "product_reference": "mta/mta-ui-rhel9@sha256:06c7b18081e2285b29082e26bd013a8d8d464a7641dd8d285e4909ca86514fde_amd64", "relates_to_product_reference": "9Base-MTA-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-windup-shim-rhel9@sha256:3322ff5bdd8d9422567b37888cfe132d48455503e62a38953d5b318d80a02c91_arm64 as a component of MTA 7.0 for RHEL 9", "product_id": "9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:3322ff5bdd8d9422567b37888cfe132d48455503e62a38953d5b318d80a02c91_arm64" }, "product_reference": "mta/mta-windup-shim-rhel9@sha256:3322ff5bdd8d9422567b37888cfe132d48455503e62a38953d5b318d80a02c91_arm64", "relates_to_product_reference": "9Base-MTA-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-windup-shim-rhel9@sha256:4a35cbbe8c24232c138460ff50d1076392136ddedb7111c26ab2b074ad4017a7_amd64 as a component of MTA 7.0 for RHEL 9", "product_id": "9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:4a35cbbe8c24232c138460ff50d1076392136ddedb7111c26ab2b074ad4017a7_amd64" }, "product_reference": "mta/mta-windup-shim-rhel9@sha256:4a35cbbe8c24232c138460ff50d1076392136ddedb7111c26ab2b074ad4017a7_amd64", "relates_to_product_reference": "9Base-MTA-7.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-1962", "cwe": { "id": "CWE-1325", "name": "Improperly Controlled Sequential Memory Allocation" }, "discovery_date": "2022-07-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:cc32dfeeb33b7e2d2a63098b2c1c09999a955b69349cbe3e3902fc1101d176a0_amd64", "9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:9b3bd8a8bc45ebb2ebfbd13cd571bd52d5d210b82e760ef8ca49d597709d7f83_amd64", "9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:b0a3d36ec379c6c796d18e31b238f2112a3a6ab31f68798c36fb3b588477c451_arm64", "9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:e318451c6efa1559657e9fe928087ff8fea30478d64f4cb75c5919c5279ebba1_amd64", "9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:afc5c7e7d8cd563a47a6475eb9c23e31553eeeaa0709407a8cd1e7492657ea08_amd64", "9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:d7e65ce9ab3b1d91205a2edbb4293cb8362a323b650a3daf7caf9103ae258812_arm64", "9Base-MTA-7.0:mta/mta-operator-bundle@sha256:b8c09648ffba53778128e145ab66b347f68e7960eaa345830363313f9d564d88_amd64", "9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:06c7b18081e2285b29082e26bd013a8d8d464a7641dd8d285e4909ca86514fde_amd64", "9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:3322ff5bdd8d9422567b37888cfe132d48455503e62a38953d5b318d80a02c91_arm64", "9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:4a35cbbe8c24232c138460ff50d1076392136ddedb7111c26ab2b074ad4017a7_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2107376" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang standard library, go/parser. When calling any Parse functions on the Go source code, which contains deeply nested types or declarations, a panic can occur due to stack exhaustion. This issue allows an attacker to impact system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: go/parser: stack exhaustion in all Parse* functions", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:5690f54c7dde45d95b407c0f1393a8e01e6f8e5512a2595ef8effe74b19a6d4a_amd64" ], "known_not_affected": [ "8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:cc32dfeeb33b7e2d2a63098b2c1c09999a955b69349cbe3e3902fc1101d176a0_amd64", "9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:9b3bd8a8bc45ebb2ebfbd13cd571bd52d5d210b82e760ef8ca49d597709d7f83_amd64", "9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:b0a3d36ec379c6c796d18e31b238f2112a3a6ab31f68798c36fb3b588477c451_arm64", "9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:e318451c6efa1559657e9fe928087ff8fea30478d64f4cb75c5919c5279ebba1_amd64", "9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:afc5c7e7d8cd563a47a6475eb9c23e31553eeeaa0709407a8cd1e7492657ea08_amd64", "9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:d7e65ce9ab3b1d91205a2edbb4293cb8362a323b650a3daf7caf9103ae258812_arm64", "9Base-MTA-7.0:mta/mta-operator-bundle@sha256:b8c09648ffba53778128e145ab66b347f68e7960eaa345830363313f9d564d88_amd64", "9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:06c7b18081e2285b29082e26bd013a8d8d464a7641dd8d285e4909ca86514fde_amd64", "9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:3322ff5bdd8d9422567b37888cfe132d48455503e62a38953d5b318d80a02c91_arm64", "9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:4a35cbbe8c24232c138460ff50d1076392136ddedb7111c26ab2b074ad4017a7_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-1962" }, { "category": "external", "summary": "RHBZ#2107376", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1962", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1962" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1962", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1962" }, { "category": "external", "summary": "https://go.dev/issue/53616", "url": "https://go.dev/issue/53616" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" } ], "release_date": "2022-07-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-20T00:40:07+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:5690f54c7dde45d95b407c0f1393a8e01e6f8e5512a2595ef8effe74b19a6d4a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1433" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:cc32dfeeb33b7e2d2a63098b2c1c09999a955b69349cbe3e3902fc1101d176a0_amd64", "9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:9b3bd8a8bc45ebb2ebfbd13cd571bd52d5d210b82e760ef8ca49d597709d7f83_amd64", "9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:b0a3d36ec379c6c796d18e31b238f2112a3a6ab31f68798c36fb3b588477c451_arm64", "9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:e318451c6efa1559657e9fe928087ff8fea30478d64f4cb75c5919c5279ebba1_amd64", "9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:afc5c7e7d8cd563a47a6475eb9c23e31553eeeaa0709407a8cd1e7492657ea08_amd64", "9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:d7e65ce9ab3b1d91205a2edbb4293cb8362a323b650a3daf7caf9103ae258812_arm64", "9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:5690f54c7dde45d95b407c0f1393a8e01e6f8e5512a2595ef8effe74b19a6d4a_amd64", "9Base-MTA-7.0:mta/mta-operator-bundle@sha256:b8c09648ffba53778128e145ab66b347f68e7960eaa345830363313f9d564d88_amd64", "9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:06c7b18081e2285b29082e26bd013a8d8d464a7641dd8d285e4909ca86514fde_amd64", "9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:3322ff5bdd8d9422567b37888cfe132d48455503e62a38953d5b318d80a02c91_arm64", "9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:4a35cbbe8c24232c138460ff50d1076392136ddedb7111c26ab2b074ad4017a7_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: go/parser: stack exhaustion in all Parse* functions" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.