CVE-2022-41723

CVE Details

Visit the official vulnerability details page for CVE-2022-41723 to learn more.

Initial Publication

10/25/2024

Last Update

10/25/2024

Third Party Dependency

golang.org/x/net

NIST CVE Summary

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.

CVE Severity

7.5

Our Official Summary

This CVE is non impacting as the impacting symbol and/or function is not used in the product.

Status

Ongoing

Affected Products & Versions

Version	Palette Enterprise	Palette Enterprise Airgap	VerteX	VerteX Airgap
4.5.11	Impacted	Impacted	Impacted	Impacted
4.5.10	Impacted	Impacted	Impacted	Impacted
4.5.8	Impacted	Impacted	Impacted	Impacted
4.5.5	Impacted	Impacted	Impacted	Impacted
4.5.4	Impacted	Impacted	Impacted	Impacted
4.4.20	Impacted	Impacted	Impacted	Impacted

Revision History

Date	Revision
11/15/2024	Impacted versions changed from 4.5.4, 4.5.5, 4.5.8, 4.4.20, 4.5.10 to 4.5.4, 4.5.5, 4.5.8, 4.4.20, 4.5.10, 4.5.11
11/15/2024	Impacted versions changed from 4.5.4, 4.5.5, 4.5.8, 4.4.20 to 4.5.4, 4.5.5, 4.5.8, 4.4.20, 4.5.10
11/13/2024	Impacted versions changed from 4.5.4, 4.5.5, 4.5.8 to 4.5.4, 4.5.5, 4.5.8, 4.4.20
11/10/2024	Impacted versions changed from 4.5.4, 4.5.5 to 4.5.4, 4.5.5, 4.5.8
10/27/2024	Impacted versions changed from 4.5.4 to 4.5.4, 4.5.5

CVE Details​

Initial Publication​

Last Update​

Third Party Dependency​

NIST CVE Summary​

CVE Severity​

Our Official Summary​

Status​

Affected Products & Versions​

Revision History​