Bug 2215854 - RedHat analysis on the vulnerabilities - CVE-2023-29403 CVE-2023-29404 CVE-2023-29405 CVE-2023-29402
Summary: RedHat analysis on the vulnerabilities - CVE-2023-29403 CVE-2023-29404 CVE-2...
Keywords:
Status: CLOSED COMPLETED
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: golang
Version: 8.8
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: David Benoit
QA Contact: qe-baseos-tools-bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-06-19 08:12 UTC by Gandhimathy
Modified: 2023-07-10 13:27 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-07-10 13:27:29 UTC
Type: Bug
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHELPLAN-160147 0 None None None 2023-06-19 08:12:54 UTC

Description Gandhimathy 2023-06-19 08:12:25 UTC 
Description of problem:

Looking for Red Hat analysis for the following Golang vulnerablity.
We are using Red Hat 8.8 UBI-

As the CVSScore for the following is 7.8 which is High.
CVE-2023-29403 - https://exchange.xforce.ibmcloud.com/vulnerabilities/257653

As the CVSScore for the following is 9.8 which is Critical.
CVE-2023-29404 - https://exchange.xforce.ibmcloud.com/vulnerabilities/257654
CVE-2023-29405 - https://exchange.xforce.ibmcloud.com/vulnerabilities/257655
CVE-2023-29402 - https://exchange.xforce.ibmcloud.com/vulnerabilities/257652
Comment 1 David Benoit 2023-07-10 13:27:29 UTC 
Information regarding these CVEs should be available at access.redhat.com, reachable via hyperlinks in the title of this bug to the CVEs referenced.  Thanks!
Note You need to log in before you can comment on or make changes to this bug.