CVE-2022-27664 Affecting seldon-core-operator-1.16 package, versions <1.16.0-r1


Severity

Recommended
0.0
high
0
10

Snyk's Security Team recommends NVD's CVSS assessment. Learn more

Threat Intelligence

Exploit Maturity
Not Defined
EPSS
0.27% (68th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-CHAINGUARDLATEST-SELDONCOREOPERATOR116-6252255
  • published17 Feb 2024
  • disclosed6 Sept 2022

Introduced: 6 Sep 2022

CVE-2022-27664  (opens in a new tab)

How to fix?

Upgrade Chainguard seldon-core-operator-1.16 to version 1.16.0-r1 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream seldon-core-operator-1.16 package and not the seldon-core-operator-1.16 package as distributed by Chainguard. See How to fix? for Chainguard relevant fixed versions and status.

In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.

CVSS Scores

version 3.1