Описание
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits (via a call to strings.Split) an optionally-provided OID (which is untrusted data) on periods. Similarly, function api.getContentType splits the Content-Type header (which is also untrusted data) on an application string. As a result, in the face of a malicious request with either an excessively long OID in the payload containing many period characters or a malformed Content-Type header, a call to api.ParseJSONRequest or api.getContentType incurs allocations of O(n) bytes (where n stands for the length of the function's argument). This vulnerability is fixed in 2.0.3.
A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.
Отчет
This vulnerability is rated Important for Red Hat products. The Sigstore Timestamp Authority, a service for issuing RFC 3161 timestamps, is prone to excessive memory allocation. This occurs when processing untrusted OID payloads with many period characters or malformed Content-Type headers. An unauthenticated attacker could exploit this flaw to trigger a denial of service in affected Red Hat products that utilize this component.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| OpenShift Pipelines | openshift-pipelines-client | Affected | ||
| OpenShift Pipelines | openshift-pipelines/pipelines-cli-tkn-rhel8 | Affected | ||
| OpenShift Pipelines | openshift-pipelines/pipelines-opc-rhel9 | Affected | ||
| OpenShift Pipelines | openshift-pipelines/pipelines-operator-bundle | Affected | ||
| OpenShift Pipelines | openshift-pipelines/pipelines-operator-proxy-rhel8 | Affected | ||
| OpenShift Pipelines | openshift-pipelines/pipelines-operator-proxy-rhel9 | Will not fix | ||
| OpenShift Pipelines | openshift-pipelines/pipelines-operator-webhook-rhel8 | Affected | ||
| OpenShift Pipelines | openshift-pipelines/pipelines-operator-webhook-rhel9 | Will not fix | ||
| OpenShift Pipelines | openshift-pipelines/pipelines-rhel8-operator | Affected | ||
| OpenShift Pipelines | openshift-pipelines/pipelines-rhel9-operator | Affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits (via a call to strings.Split) an optionally-provided OID (which is untrusted data) on periods. Similarly, function api.getContentType splits the Content-Type header (which is also untrusted data) on an application string. As a result, in the face of a malicious request with either an excessively long OID in the payload containing many period characters or a malformed Content-Type header, a call to api.ParseJSONRequest or api.getContentType incurs allocations of O(n) bytes (where n stands for the length of the function's argument). This vulnerability is fixed in 2.0.3.
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits (via a call to strings.Split) an optionally-provided OID (which is untrusted data) on periods. Similarly, function api.getContentType splits the Content-Type header (which is also untrusted data) on an application string. As a result, in the face of a malicious request with either an excessively long OID in the payload containing many period characters or a malformed Content-Type header, a call to api.ParseJSONRequest or api.getContentType incurs allocations of O(n) bytes (where n stands for the length of the function's argument). This vulnerability is fixed in 2.0.3.
Sigstore Timestamp Authority is a service for issuing RFC 3161 timesta ...
Sigstore Timestamp Authority allocates excessive memory during request parsing
EPSS
7.5 High
CVSS3