The HTTP/1 client accepted some invalid Transfer-Encoding headers as indicating a "chunked" encoding. This could potentially allow for request smuggling, but only if combined with an intermediate server that also improperly failed to reject the header as invalid.
Created golang tracking bugs for this issue: Affects: fedora-all [bug 2107375]
Created golang tracking bugs for this issue: Affects: epel-all [bug 2110278]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:5775 https://access.redhat.com/errata/RHSA-2022:5775
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:5799 https://access.redhat.com/errata/RHSA-2022:5799
This issue has been addressed in the following products: Red Hat Developer Tools Via RHSA-2022:5866 https://access.redhat.com/errata/RHSA-2022:5866
This issue has been addressed in the following products: Openshift Serverless 1 on RHEL 8 Via RHSA-2022:6042 https://access.redhat.com/errata/RHSA-2022:6042
This issue has been addressed in the following products: Openshift Serveless 1.24 Via RHSA-2022:6040 https://access.redhat.com/errata/RHSA-2022:6040
This issue has been addressed in the following products: Application Interconnect 1 for RHEL 8 Via RHSA-2022:6113 https://access.redhat.com/errata/RHSA-2022:6113
This issue has been addressed in the following products: Node Healthcheck Operator 0.3 for RHEL 8 Via RHSA-2022:6187 https://access.redhat.com/errata/RHSA-2022:6187
This issue has been addressed in the following products: Node Maintenance Operator 4.11 for RHEL 8 Via RHSA-2022:6188 https://access.redhat.com/errata/RHSA-2022:6188
This issue has been addressed in the following products: OSSO-1.1-RHEL-8 Via RHSA-2022:6152 https://access.redhat.com/errata/RHSA-2022:6152
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 Via RHSA-2022:6347 https://access.redhat.com/errata/RHSA-2022:6347
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 Via RHSA-2022:6346 https://access.redhat.com/errata/RHSA-2022:6346
This issue has been addressed in the following products: Logging subsystem for Red Hat OpenShift 5.4 Via RHSA-2022:6183 https://access.redhat.com/errata/RHSA-2022:6183
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 Via RHSA-2022:6348 https://access.redhat.com/errata/RHSA-2022:6348
This issue has been addressed in the following products: multicluster engine for Kubernetes 2.1 for RHEL 8 Via RHSA-2022:6345 https://access.redhat.com/errata/RHSA-2022:6345
This issue has been addressed in the following products: RHOL-5.5-RHEL-8 Via RHSA-2022:6344 https://access.redhat.com/errata/RHSA-2022:6344
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 Via RHSA-2022:6370 https://access.redhat.com/errata/RHSA-2022:6370
This issue has been addressed in the following products: OADP-1.0-RHEL-8 Via RHSA-2022:6430 https://access.redhat.com/errata/RHSA-2022:6430
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:7129 https://access.redhat.com/errata/RHSA-2022:7129
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:7519 https://access.redhat.com/errata/RHSA-2022:7519
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:7529 https://access.redhat.com/errata/RHSA-2022:7529
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:7648 https://access.redhat.com/errata/RHSA-2022:7648
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:8057 https://access.redhat.com/errata/RHSA-2022:8057
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:8098 https://access.redhat.com/errata/RHSA-2022:8098
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:8250 https://access.redhat.com/errata/RHSA-2022:8250
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Ironic content for Red Hat OpenShift Container Platform 4.11 Via RHSA-2022:8626 https://access.redhat.com/errata/RHSA-2022:8626
This issue has been addressed in the following products: Red Hat Migration Toolkit for Containers 1.7 Via RHSA-2022:9047 https://access.redhat.com/errata/RHSA-2022:9047
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2022:7399 https://access.redhat.com/errata/RHSA-2022:7399
This issue has been addressed in the following products: RHEL-8-CNV-4.12 RHEL-7-CNV-4.12 Via RHSA-2023:0407 https://access.redhat.com/errata/RHSA-2023:0407
This issue has been addressed in the following products: RHEL-8-CNV-4.12 Via RHSA-2023:0408 https://access.redhat.com/errata/RHSA-2023:0408
This issue has been addressed in the following products: OpenShift Custom Metrics Autoscaler 2 Via RHSA-2023:1042 https://access.redhat.com/errata/RHSA-2023:1042
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.1 Red Hat OpenStack Platform 16.2 Via RHSA-2023:1275 https://access.redhat.com/errata/RHSA-2023:1275
This issue has been addressed in the following products: STF-1.5-RHEL-8 Via RHSA-2023:1529 https://access.redhat.com/errata/RHSA-2023:1529
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:2357 https://access.redhat.com/errata/RHSA-2023:2357
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11.0 Via https://access.redhat.com/errata/RHSA-2022:5068
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:2758 https://access.redhat.com/errata/RHSA-2023:2758
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:2802 https://access.redhat.com/errata/RHSA-2023:2802
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-1705
This issue has been addressed in the following products: Red Hat Ceph Storage 6.1 Via RHSA-2023:3642 https://access.redhat.com/errata/RHSA-2023:3642
This issue has been addressed in the following products: OpenShift Developer Tools and Services for OCP 4.11 Via RHSA-2023:3664 https://access.redhat.com/errata/RHSA-2023:3664