Randomly-generated alphanumeric strings contain significantly less entropy than expected. The RandomAlphaNumeric and CryptoRandomAlphaNumeric functions always return strings containing at least one digit from 0 to 9. This significantly reduces the amount of entropy in short strings generated by these functions. https://github.com/Masterminds/goutils/commit/869801f20f9f1e7ecdbdb6422049d8241270d5e1 https://pkg.go.dev/vuln/GO-2022-0411
Created golang-github-rubenv-sql-migrate tracking bugs for this issue: Affects: fedora-36 [bug 2159520]
Created golang-github-masterminds-goutils tracking bugs for this issue: Affects: fedora-36 [bug 2159843]
This issue has been addressed in the following products: OpenShift Service Mesh 2.1 Via RHSA-2023:0540 https://access.redhat.com/errata/RHSA-2023:0540
This issue has been addressed in the following products: Red Hat OpenShift Service Mesh 2.3 for RHEL 8 Via RHSA-2023:0542 https://access.redhat.com/errata/RHSA-2023:0542
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:0449 https://access.redhat.com/errata/RHSA-2023:0449
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-4238
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:0565 https://access.redhat.com/errata/RHSA-2023:0565
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:0569 https://access.redhat.com/errata/RHSA-2023:0569
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.10 Via RHSA-2023:0561 https://access.redhat.com/errata/RHSA-2023:0561
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.9 Via RHSA-2023:0574 https://access.redhat.com/errata/RHSA-2023:0574
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:0651 https://access.redhat.com/errata/RHSA-2023:0651
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:0728 https://access.redhat.com/errata/RHSA-2023:0728
This issue has been addressed in the following products: Red Hat OpenShift GitOps 1.6 Via RHSA-2023:0802 https://access.redhat.com/errata/RHSA-2023:0802
This issue has been addressed in the following products: Red Hat OpenShift GitOps 1.7 Via RHSA-2023:0803 https://access.redhat.com/errata/RHSA-2023:0803
This issue has been addressed in the following products: Red Hat OpenShift GitOps 1.5 Via RHSA-2023:0804 https://access.redhat.com/errata/RHSA-2023:0804
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:0770 https://access.redhat.com/errata/RHSA-2023:0770
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:0774 https://access.redhat.com/errata/RHSA-2023:0774
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.10 Via RHSA-2023:0899 https://access.redhat.com/errata/RHSA-2023:0899
This issue has been addressed in the following products: RHODF-4.12-RHEL-8 Via RHSA-2023:1170 https://access.redhat.com/errata/RHSA-2023:1170
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:1159 https://access.redhat.com/errata/RHSA-2023:1159
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.10 Via RHSA-2023:1154 https://access.redhat.com/errata/RHSA-2023:1154
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:1270 https://access.redhat.com/errata/RHSA-2023:1270
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:1297 https://access.redhat.com/errata/RHSA-2023:1297
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.10 Via RHSA-2023:1393 https://access.redhat.com/errata/RHSA-2023:1393
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:1326 https://access.redhat.com/errata/RHSA-2023:1326
This issue has been addressed in the following products: RHODF-4.13-RHEL-9 Via RHSA-2023:3742 https://access.redhat.com/errata/RHSA-2023:3742