VDB

RHSA-2020%3A4264

RHSA-2020%3A4264 PUBLISHED CVSS 7.5 HIGH

A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-cli-artifacts@sha256:e20b1956f99b93ad3b4c2583d0083dae8904f0c3028f9c3fe8dd35c960282c27_s390x as a component of Red Hat OpenShift Container Platform 4.3openshift4/ose-cli-artifacts@sha256:e20b1956f99b93ad3b4c2583d0083dae8904f0c3028f9c3fe8dd35c960282c27_s390x
Red Hatopenshift4/ose-cluster-kube-apiserver-operator@sha256:8a3eda3e39ee2c4550c8b1cd47748b7d0d50b7985ed1014ceb66b9aca423d20f_ppc64le as a component of Red Hat OpenShift Container Platform 4.3openshift4/ose-cluster-kube-apiserver-operator@sha256:8a3eda3e39ee2c4550c8b1cd47748b7d0d50b7985ed1014ceb66b9aca423d20f_ppc64le
Red Hatopenshift4/ose-multus-cni@sha256:de4bdd31926b5203bc34e044d0e4d82f524c70594c2ce570ebc8463ead02be60_ppc64le as a component of Red Hat OpenShift Container Platform 4.3openshift4/ose-multus-cni@sha256:de4bdd31926b5203bc34e044d0e4d82f524c70594c2ce570ebc8463ead02be60_ppc64le, *
Red Hatopenshift4/ose-cluster-kube-scheduler-operator@sha256:4908cdb2ea210e6e0764137d8d8c358d7840d51b3a641b8c2853aa9a0d1b66c8_amd64 as a component of Red Hat OpenShift Container Platform 4.3openshift4/ose-cluster-kube-scheduler-operator@sha256:4908cdb2ea210e6e0764137d8d8c358d7840d51b3a641b8c2853aa9a0d1b66c8_amd64
Red Hatopenshift4/ose-kube-proxy@sha256:ce7ef9f5cb4521a1544ecf5997c5359ad59606c6d2c23919b1cfbcf237ad3f0c_s390x as a component of Red Hat OpenShift Container Platform 4.3*
Red Hatopenshift4/ose-cluster-node-tuning-operator@sha256:0f5cb689fa6192b765a1584b37273f63ce260d18b5d51122539a39bb9507abe8_amd64 as a component of Red Hat OpenShift Container Platform 4.3openshift4/ose-cluster-node-tuning-operator@sha256:0f5cb689fa6192b765a1584b37273f63ce260d18b5d51122539a39bb9507abe8_amd64
Red Hatopenshift4/ose-cluster-kube-apiserver-operator@sha256:1e21c8a7beb34d2870b4593d574577feddb537dfb7741ef7e5617a6a8b366f32_s390x as a component of Red Hat OpenShift Container Platform 4.3openshift4/ose-cluster-kube-apiserver-operator@sha256:1e21c8a7beb34d2870b4593d574577feddb537dfb7741ef7e5617a6a8b366f32_s390x
Red Hatopenshift4/ose-cluster-ingress-operator@sha256:d84a789629be8c1664632608fb3cf97a57a216f114dfae147d07b23b80d9c7cd_ppc64le as a component of Red Hat OpenShift Container Platform 4.3*, openshift4/ose-cluster-ingress-operator@sha256:d84a789629be8c1664632608fb3cf97a57a216f114dfae147d07b23b80d9c7cd_ppc64le
Red Hatopenshift4/ose-cli@sha256:69867061214ff75525dae0385e7db30c26921347cea5e25d4846e93381080e7d_amd64 as a component of Red Hat OpenShift Container Platform 4.3openshift4/ose-cli@sha256:69867061214ff75525dae0385e7db30c26921347cea5e25d4846e93381080e7d_amd64
Red Hatopenshift4/ose-configmap-reloader@sha256:41599250d78a2df5987f61624dfe9225e1a865e84b614ecc065c7c2f30d37b03_amd64 as a component of Red Hat OpenShift Container Platform 4.3*, openshift4/ose-configmap-reloader@sha256:41599250d78a2df5987f61624dfe9225e1a865e84b614ecc065c7c2f30d37b03_amd64
Red Hatopenshift4/ose-ironic-inspector-rhel8@sha256:f0c4b873f1faa558d418bd279ba7df7ee920a4f2ae47309a7ce1903887de12af_amd64 as a component of Red Hat OpenShift Container Platform 4.3openshift4/ose-ironic-inspector-rhel8@sha256:f0c4b873f1faa558d418bd279ba7df7ee920a4f2ae47309a7ce1903887de12af_amd64
Red Hatopenshift4/ose-baremetal-machine-controllers@sha256:f2c22b125ca4226417be231846918974aa4c79b80f8c7cf74d32b66bf447d92f_s390x as a component of Red Hat OpenShift Container Platform 4.3*, *
Red Hatopenshift4/ose-service-ca-operator@sha256:98c90523c756e0d1559e280836600577f3a4eaaadea9dd1a7fd5b9480dc23400_s390x as a component of Red Hat OpenShift Container Platform 4.3*
Red Hatopenshift4/ose-kube-state-metrics@sha256:152e61c0912dccc229ea572880351d635a31a5fdcf7c8abbd5c400d7dfd5db93_amd64 as a component of Red Hat OpenShift Container Platform 4.3openshift4/ose-kube-state-metrics@sha256:152e61c0912dccc229ea572880351d635a31a5fdcf7c8abbd5c400d7dfd5db93_amd64
Red Hatopenshift4/ose-cluster-monitoring-operator@sha256:0c9ae3287354fdc36152b6a3df4d93ba60a3a2c5399a4791e5137334b986cbe1_amd64 as a component of Red Hat OpenShift Container Platform 4.3openshift4/ose-cluster-monitoring-operator@sha256:0c9ae3287354fdc36152b6a3df4d93ba60a3a2c5399a4791e5137334b986cbe1_amd64
Red Hatopenshift4/ose-prom-label-proxy@sha256:7e5c41cbe6a11aac954b7d6be4dc607b064163c9b2e653d645a489c70ef7500f_amd64 as a component of Red Hat OpenShift Container Platform 4.3openshift4/ose-prom-label-proxy@sha256:7e5c41cbe6a11aac954b7d6be4dc607b064163c9b2e653d645a489c70ef7500f_amd64, *
Red Hatopenshift4/ose-operator-registry@sha256:be36d05d57b59dc0a181e46d33fc0d84ddf5b33ab27e02e17280b72692697a54_ppc64le as a component of Red Hat OpenShift Container Platform 4.3openshift4/ose-operator-registry@sha256:be36d05d57b59dc0a181e46d33fc0d84ddf5b33ab27e02e17280b72692697a54_ppc64le, *
Red Hatopenshift4/ose-kube-state-metrics@sha256:152e61c0912dccc229ea572880351d635a31a5fdcf7c8abbd5c400d7dfd5db93_amd64 as a component of Red Hat OpenShift Container Platform 4.3*, *
Red Hatopenshift4/ose-cluster-version-operator@sha256:9bb641bed0ea852fd898af338ae47930b20bea4570fc07f10ba7e270562c953f_amd64 as a component of Red Hat OpenShift Container Platform 4.3*, openshift4/ose-cluster-version-operator@sha256:9bb641bed0ea852fd898af338ae47930b20bea4570fc07f10ba7e270562c953f_amd64
Red Hatopenshift4/ose-baremetal-machine-controllers@sha256:b6d2dc08fa383cdb23c675d0f19595b38d143cb2ef168f57d2d8067b0311758b_amd64 as a component of Red Hat OpenShift Container Platform 4.3openshift4/ose-baremetal-machine-controllers@sha256:b6d2dc08fa383cdb23c675d0f19595b38d143cb2ef168f57d2d8067b0311758b_amd64

…and 434 more

Exploit Intelligence

Timeline

  • Oct 20, 2020 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›