CGA-rcjm-g8c5-c2g4

Published

Last updated

https://images.chainguard.dev/security/CGA-rcjm-g8c5-c2g4

Package

coredns-fips

Latest Update

Not affected

Aliases

CVE-2022-2835
GHSA-ch7v-37xg-75ph

Severity

4.4

Medium

CVSS V3

Summary

coreDNS vulnerable to Improper Restriction of Communication Channel to Intended Endpoints

Description

A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of ..svc.

References

https://nvd.nist.gov/vuln/detail/CVE-2022-2835
https://github.com/advisories/GHSA-ch7v-37xg-75ph
https://bugzilla.redhat.com/show_bug.cgi?id=2118542
https://github.com/coredns/coredns

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CGA-rcjm-g8c5-c2g4

Severity

Summary

Description

References

Updates

Product

Why Chainguard

Customers

Company

Resources