VDB

RHSA-2021%3A0190

RHSA-2021%3A0190 PUBLISHED CVSS 7.5 HIGH

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/compliance-rhel8-operator@sha256:1209f8b333c55279e3f9e1172b6cc741380a02f47bfc2a9cb39412bbefeed948_amd64 as a component of Red Hat OpenShift Container Platform 4.6openshift4/compliance-rhel8-operator@sha256:1209f8b333c55279e3f9e1172b6cc741380a02f47bfc2a9cb39412bbefeed948_amd64
Red Hatopenshift4/compliance-openscap-rhel8@sha256:54914618a94e2b88489b4c01f27920fdf0f07630e225cf10b9b4714c741baf28_amd64 as a component of Red Hat OpenShift Container Platform 4.6openshift4/compliance-openscap-rhel8@sha256:54914618a94e2b88489b4c01f27920fdf0f07630e225cf10b9b4714c741baf28_amd64
Red Hatopenshift4/compliance-content-rhel8@sha256:f4723b754a7af837dc0a485d9bb12fe78542e58525f5022b1192ab49187f51fe_amd64 as a component of Red Hat OpenShift Container Platform 4.6*
Red Hatopenshift4/compliance-rhel8-operator-metadata@sha256:3145cda510659eee3aa12e41aefdd3e1922a6b7324f504e8613d38c258c92c44_amd64 as a component of Red Hat OpenShift Container Platform 4.6*

Timeline

  • Jan 19, 2021 CVE Published
  • Apr 30, 2026 CVE Updated
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›