exploitDog

CVE-2022-2238

Опубликовано: 01 сент. 2022

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

A vulnerability was found in the search-api container in Red Hat Advanced Cluster Management for Kubernetes when a query in the search filter gets parsed by the backend. This flaw allows an attacker to craft specific strings containing special characters that lead to crashing the pod and affects system availability while restarting.

Ссылки

https://access.redhat.com/security/cve/CVE-2022-2238
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2101669
Issue Tracking
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2022-2238
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2101669
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00722

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-89

CWE-89

Связанные уязвимости

CVE-2022-2238

CVSS3: 6.5

redhat

больше 3 лет назад

A vulnerability was found in the search-api container in Red Hat Advanced Cluster Management for Kubernetes when a query in the search filter gets parsed by the backend. This flaw allows an attacker to craft specific strings containing special characters that lead to crashing the pod and affects system availability while restarting.

GHSA-gpp7-gqhm-5827

CVSS3: 6.5

github

больше 3 лет назад

A vulnerability was found in the search-api container in Red Hat Advanced Cluster Management for Kubernetes when a query in the search filter gets parsed by the backend. This flaw allows an attacker to craft specific strings containing special characters that lead to crashing the pod and affects system availability while restarting.

EPSS

Процентиль: 72%

0.00722

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-89

CWE-89