RHSA-2023:0693: Moderate: Migration Toolkit for Containers (MTC) 1.7.7 security and bug fix update

Published Feb 9, 2023
·
Updated

The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.<br>Security Fix(es) from Bugzilla:<br><li> async: Prototype Pollution in async (CVE-2021-43138)</li> <li> golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)</li> <li> golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)</li> <li> golang: net/<a href="http:" target="blank">http:</a> handle server errors after sending GOAWAY (CVE-2022-27664)</li> <li> golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags (CVE-2022-32149)</li> <li> golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)</li> <li> golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)</li> <li> golang: net/<a href="http:" target="blank">http:</a> An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)</li> <li> golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)</li> For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software

1 affected component
Red Hat Migration Toolkit for Containers

Remediation

Event History

Apr 8, 2025
Advisory Published
via Red Hat·07:35 AM
Data Sourced
via Red Hat·07:35 AM
RemedyDescriptionAffected Software
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of RHSA-2023:0693?

The severity of RHSA-2023:0693 is classified based on the potential impact of the vulnerabilities it addresses, typically requiring immediate attention.

2

How do I fix RHSA-2023:0693?

To fix RHSA-2023:0693, you should update your Migration Toolkit for Containers to the latest version provided in the advisory.

3

What vulnerabilities does RHSA-2023:0693 address?

RHSA-2023:0693 addresses several vulnerabilities that could impact the security of the Migration Toolkit for Containers.

4

Who is affected by RHSA-2023:0693?

RHSA-2023:0693 affects users and organizations utilizing the Migration Toolkit for Containers in their OpenShift Container Platform environments.

5

Is there a workaround for RHSA-2023:0693?

There are no specific workarounds for RHSA-2023:0693 recommended; it is advised to apply the updates provided.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203