Uploaded image for project: 'Service Binding'
  1. Service Binding
  2. APPSVC-1220

Fix CVE-2022-32149

    XMLWordPrintable

Details

    • False
    • None
    • False
    • Hide
      Before this update a security vulnerability CVE-2022-32149 was noted in Service Binding Operator. An attacker may have caused a denial of service by crafting an Accept-Language header which ParseAcceptLanguage would take significant time to parse. This update fixes the CVE-2022-32149 by updating golang.org/x/text package from v0.3.7 to v0.3.8.
      Show
      Before this update a security vulnerability CVE-2022-32149 was noted in Service Binding Operator. An attacker may have caused a denial of service by crafting an Accept-Language header which ParseAcceptLanguage would take significant time to parse. This update fixes the CVE-2022-32149 by updating golang.org/x/text package from v0.3.7 to v0.3.8.
    • AppSvc Sprint 226

    Description

      Description of problem:

      https://access.redhat.com/security/cve/CVE-2022-32149

      Prerequisites (if any, like setup, operators/versions):

      Steps to Reproduce

      1. <steps>

      Actual results:

      Expected results:

      Reproducibility (Always/Intermittent/Only Once):

      Build Details:

      Additional info:

      Documentation Requirement: Yes/No (needs-docs|upstream-docs / no-doc)

      Upstream: <Inputs/Requirement details>/ Not Applicable

      Downstream: <Type: Doc defect/More inputs to doc>/ Not Applicable

      Provide link to the relevant section
      Provide doc inputs and details required

      Release Notes Type: <New Feature/Enhancement/Known Issue/Bug
      fix/Breaking change/Deprecated Functionality/Technology Preview>

      Attachments

        Issue Links

          Activity

            Public project attachment banner

              context keys: [headless, issue, helper, isAsynchronousRequest, project, action, user]
              current Project key: APPSVC

              People

                pmacik@redhat.com Pavel Macik
                pmacik@redhat.com Pavel Macik
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: