CVE Vulnerabilities

CVE-2022-30322

Published: May 25, 2022 | Modified: Nov 21, 2024
CVSS 3.x
8.6
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
8.6 IMPORTANT
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Ubuntu
MEDIUM

go-getter up to 1.5.11 and 2.0.2 allowed asymmetric resource exhaustion when go-getter processed malicious HTTP responses. Fixed in 1.6.1 and 2.1.0.

Affected Software

Name Vendor Start Version End Version
Go-getter Hashicorp * 1.5.11 (including)
Go-getter Hashicorp 2.0.2 (including) 2.0.2 (including)
Red Hat OpenShift Container Platform 4.10 RedHat openshift4/ose-baremetal-rhel8-operator:v4.10.0-202208182025.p0.g97ce15e.assembly.stream *
Red Hat OpenShift Container Platform 4.10 RedHat openshift4/ose-cluster-baremetal-operator-rhel8:v4.10.0-202208260945.p0.g23614bb.assembly.stream *
Red Hat OpenShift Container Platform 4.10 RedHat openshift4/ose-baremetal-machine-controllers:v4.10.0-202209301647.p0.gadff401.assembly.stream *
Red Hat OpenShift Container Platform 4.10 RedHat openshift4/ose-installer:v4.10.0-202210250219.p0.g1ffe666.assembly.stream *
Red Hat OpenShift Container Platform 4.11 RedHat openshift4/ose-baremetal-machine-controllers:v4.11.0-202208020235.p0.ga65be86.assembly.stream *
Red Hat OpenShift Container Platform 4.11 RedHat openshift4/ose-baremetal-rhel8-operator:v4.11.0-202208020235.p0.g22b522c.assembly.stream *
Red Hat OpenShift Container Platform 4.11 RedHat openshift4/ose-cluster-baremetal-operator-rhel8:v4.11.0-202208020235.p0.g0f415d1.assembly.stream *
Red Hat OpenShift Container Platform 4.11 RedHat openshift4/ose-installer:v4.11.0-202210250857.p0.g9d1e216.assembly.stream *
Red Hat OpenShift Container Platform 4.8 RedHat openshift4/ose-baremetal-rhel8-operator:v4.8.0-202208241844.p0.g5492cf5.assembly.stream *
Red Hat OpenShift Container Platform 4.8 RedHat openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202209291426.p0.g117d47a.assembly.stream *
Red Hat OpenShift Container Platform 4.8 RedHat openshift4/ose-baremetal-machine-controllers:v4.8.0-202211031007.p0.g2dabef7.assembly.stream *
Red Hat OpenShift Container Platform 4.9 RedHat openshift4/ose-baremetal-rhel8-operator:v4.9.0-202208231335.p0.g4e7605b.assembly.stream *
Red Hat OpenShift Container Platform 4.9 RedHat openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202210061647.p0.g1a49892.assembly.stream *
Red Hat OpenShift Container Platform 4.9 RedHat openshift4/ose-baremetal-machine-controllers:v4.9.0-202210241459.p0.g41aa1f7.assembly.stream *
Red Hat OpenShift Container Platform 4.9 RedHat openshift4/ose-installer:v4.9.0-202212060115.p0.gf079984.assembly.stream *
Red Hat OpenStack Platform 16.2 RedHat rhosp-rhel8-tech-preview/osp-director-downloader:1.2.3-3 *
Red Hat OpenStack Platform 16.2 RedHat rhosp-rhel8-tech-preview/osp-director-operator:1.2.3-3 *
Golang-github-hashicorp-go-getter Ubuntu bionic *
Golang-github-hashicorp-go-getter Ubuntu impish *
Golang-github-hashicorp-go-getter Ubuntu kinetic *
Golang-github-hashicorp-go-getter Ubuntu lunar *
Golang-github-hashicorp-go-getter Ubuntu mantic *

References