VDB

RHSA-2019%3A2594

RHSA-2019%3A2594 PUBLISHED CVSS 7.5 HIGH

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability.

Risk Scores

CVSS 3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/mediawiki@sha256:8014f0d73799f7f26b56a3d908b55de3103103f57a507d48fe9830c7d605f85d_amd64 as a component of Red Hat OpenShift Container Platform 4.1*
Red Hatopenshift4/ose-cli-artifacts@sha256:bacaec21f6101ef686bb07b5d6e80b0b3ad06ab9a4d4f6e611ca3103c0030d7e_amd64 as a component of Red Hat OpenShift Container Platform 4.1*
Red Hatopenshift4/ose-egress-dns-proxy@sha256:2c00e51829c679d3573f813b0eced5c16382966ecf609915b47a8472872bbb64_amd64 as a component of Red Hat OpenShift Container Platform 4.1*
Red Hatopenshift4/ose-cluster-config-operator@sha256:3b210b7313b4853f777d19248ba746b3d29251a3409124f984ae212809930427_amd64 as a component of Red Hat OpenShift Container Platform 4.1openshift4/ose-cluster-config-operator@sha256:3b210b7313b4853f777d19248ba746b3d29251a3409124f984ae212809930427_amd64
Red Hatopenshift4/ose-oauth-proxy@sha256:383360705efc0605760c3b2b1d0fa288094eb6dad8158c540d950f661b4ba880_amd64 as a component of Red Hat OpenShift Container Platform 4.1openshift4/ose-oauth-proxy@sha256:383360705efc0605760c3b2b1d0fa288094eb6dad8158c540d950f661b4ba880_amd64
Red Hatopenshift4/ose-multus-cni@sha256:9be2123934d7f80af6439a84b5a9887459c1655549c7790fd080e965e89049b4_amd64 as a component of Red Hat OpenShift Container Platform 4.1openshift4/ose-multus-cni@sha256:9be2123934d7f80af6439a84b5a9887459c1655549c7790fd080e965e89049b4_amd64
Red Hatopenshift4/ose-cluster-storage-operator@sha256:95ad59eb2e2cc58f7ae6b850f648259687f266f05ac91166a39da6bf441e3e86_amd64 as a component of Red Hat OpenShift Container Platform 4.1openshift4/ose-cluster-storage-operator@sha256:95ad59eb2e2cc58f7ae6b850f648259687f266f05ac91166a39da6bf441e3e86_amd64
Red Hatopenshift4/ose-cluster-openshift-apiserver-operator@sha256:1291555580ce58d7855c7b93ace6826cd2b1a22499fc5df3aad7d36a30b880ee_amd64 as a component of Red Hat OpenShift Container Platform 4.1openshift4/ose-cluster-openshift-apiserver-operator@sha256:1291555580ce58d7855c7b93ace6826cd2b1a22499fc5df3aad7d36a30b880ee_amd64
Red Hatopenshift4/ose-haproxy-router@sha256:e0c7adba792e43e96c8d6f4e0845e2d001d0f652ece6f567b09ac481b07eafdc_amd64 as a component of Red Hat OpenShift Container Platform 4.1openshift4/ose-haproxy-router@sha256:e0c7adba792e43e96c8d6f4e0845e2d001d0f652ece6f567b09ac481b07eafdc_amd64
Red Hatopenshift4/ose-sriov-cni@sha256:7a129a17d719761425ce26a47eaa115789be893f4a1054e37f3c76f891157886_amd64 as a component of Red Hat OpenShift Container Platform 4.1*
Red Hatopenshift4/ose-kube-state-metrics@sha256:4ff6cd48b319093041c2fa9c32ce16c6ea4dffb1c66ef4923f9cfc108cdfe6cc_amd64 as a component of Red Hat OpenShift Container Platform 4.1openshift4/ose-kube-state-metrics@sha256:4ff6cd48b319093041c2fa9c32ce16c6ea4dffb1c66ef4923f9cfc108cdfe6cc_amd64
Red Hatopenshift4/ose-telemeter@sha256:5abb2f8cd1758441ba75e07e0a2f1180dbda0f13e6b51993d7c945b3d91b3bef_amd64 as a component of Red Hat OpenShift Container Platform 4.1openshift4/ose-telemeter@sha256:5abb2f8cd1758441ba75e07e0a2f1180dbda0f13e6b51993d7c945b3d91b3bef_amd64
Red Hatopenshift4/ose-cluster-samples-operator@sha256:79ba26ee177bc7cd2ab89ddaa6c66b5dcfc6970dc457cc737d64b18b5d378637_amd64 as a component of Red Hat OpenShift Container Platform 4.1openshift4/ose-cluster-samples-operator@sha256:79ba26ee177bc7cd2ab89ddaa6c66b5dcfc6970dc457cc737d64b18b5d378637_amd64
Red Hatopenshift4/ose-cluster-autoscaler@sha256:b995c30d43493a8d393282c760584605951048dbe395eeac6b6b1bec269ff3ad_amd64 as a component of Red Hat OpenShift Container Platform 4.1openshift4/ose-cluster-autoscaler@sha256:b995c30d43493a8d393282c760584605951048dbe395eeac6b6b1bec269ff3ad_amd64
Red Hatopenshift4/ose-installer-artifacts@sha256:7f3e05fa013dead5501513b86c19719973d0f9ee5dbdd4d3f5264fe601dbf809_amd64 as a component of Red Hat OpenShift Container Platform 4.1openshift4/ose-installer-artifacts@sha256:7f3e05fa013dead5501513b86c19719973d0f9ee5dbdd4d3f5264fe601dbf809_amd64
Red Hatopenshift4/ose-descheduler@sha256:f7527c56780840d4062768e88f098229effd9796639ad67f6cdf841941a7e4a1_amd64 as a component of Red Hat OpenShift Container Platform 4.1openshift4/ose-descheduler@sha256:f7527c56780840d4062768e88f098229effd9796639ad67f6cdf841941a7e4a1_amd64
Red Hatopenshift4/ose-baremetal-machine-controllers@sha256:d9ca5e81aa2fb401f9c5bfb63e85fc5d93ae1e657ab992e879a2b9d520f3fea3_amd64 as a component of Red Hat OpenShift Container Platform 4.1openshift4/ose-baremetal-machine-controllers@sha256:d9ca5e81aa2fb401f9c5bfb63e85fc5d93ae1e657ab992e879a2b9d520f3fea3_amd64
Red Hatopenshift4/ose-must-gather@sha256:1acef66db6179f4289fc4abbb297df32c01d3b13fd85530ac6a0d925b517c3df_amd64 as a component of Red Hat OpenShift Container Platform 4.1*
Red Hatopenshift4/mysql-apb@sha256:5772d2a584b96249c535df55b501ffe891162d7651b18244cdc16ab2f0d563dc_amd64 as a component of Red Hat OpenShift Container Platform 4.1*
Red Hatopenshift4/ose-console-operator@sha256:665d6d89d83c51de08526c08365317b3dbb9f20e1528ffb35697f6c8bd409ca3_amd64 as a component of Red Hat OpenShift Container Platform 4.1openshift4/ose-console-operator@sha256:665d6d89d83c51de08526c08365317b3dbb9f20e1528ffb35697f6c8bd409ca3_amd64

…and 74 more

Timeline

  • Sep 10, 2019 CVE Published
  • Apr 28, 2026 CVE Updated
  • Apr 28, 2026 Distribution Patch
  • Apr 28, 2026 Distribution Patch
  • Apr 28, 2026 Security Advisory
  • Apr 28, 2026 Security Advisory
  • Apr 28, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›