All errata/p10/ALT-PU-2023-1610-2
ALT-PU-2023-1610-2

Package update podman in branch p10

Version4.4.4-alt1
Task#318163
Published2026-02-04
Max severityHIGH
Severity:

Closed issues (3)

BDU:2023-07322
HIGH7.5

Уязвимость декодера HPACK языка программирования Golang, связанная с неконтролируемым потреблением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2023-10-31Modified: 2025-09-08
CVSS 3.xHIGH 7.5
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0HIGH 7.8
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C
References
CVE-2022-41723
HIGH7.5

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.

Published: 2023-02-28Modified: 2025-05-05
CVSS 3.xHIGH 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References
GHSA-vvpx-j8f3-3w6h
HIGH7.5

golang.org/x/net vulnerable to Uncontrolled Resource Consumption

Published: 2023-02-17Modified: 2024-05-21
CVSS 3.xHIGH 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References