CLSA-2025-1762538558

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1762538558.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1762538558
Upstream
Published
2026-05-13T10:06:56Z
Modified
2026-05-29T01:36:34.415210587Z
Summary
containernetworking-plugins: Fix of 13 CVEs
Details
  • rebuild with newer golang to fix multiple security vulnerabilities:
  • CVE-2023-24534: fix HTTP/2 rapid reset attack leading to denial of service
  • CVE-2023-29400: fix HTTP/2 frame processing panic leading to denial of service
  • CVE-2022-41725: fix HTTP/2 server connection handling causing premature closure
  • CVE-2022-41724: fix HTTP/2 server connection misuse causing resource exhaustion
  • CVE-2023-24538: fix HTTP/2 request handling causing denial of service
  • CVE-2023-39322: fix HTTP/2 connection resource exhaustion and denial of service
  • CVE-2023-24539: fix HTTP/2 request handling causing excessive memory consumption
  • CVE-2023-39321: fix HTTP/2 frame processing causing panic and denial of service
  • CVE-2024-24788: fix HTTP/2 connection handling causing denial of service
  • CVE-2022-41723: fix HTTP/2 server connection handling causing resource exhaustion
  • CVE-2023-45287: fix RSA-based TLS key exchange timing attack vulnerability
  • CVE-2024-34156: fix HTTP/2 connection resource exhaustion and denial of service
  • CVE-2023-24536: fix HTTP/2 request handling causing denial of service
References

Affected packages