VDB

RHSA-2021%3A2983

RHSA-2021%3A2983 PUBLISHED CVSS 5.900000095367432 MEDIUM

A vulnerability was detected in net/http of the Go standard library when parsing very large HTTP header values, causing a crash and subsequent denial of service. This vulnerability affects both clients and servers written in Go, however, servers are only vulnerable if the value of MaxHeaderBytes has been increased from the default.

Risk Scores

CVSS 3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:c010c3107ff49de133e60bab4df048a8e0ad60daf07cdcc8c7003f0f4d8d03e6_amd64 as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:c010c3107ff49de133e60bab4df048a8e0ad60daf07cdcc8c7003f0f4d8d03e6_amd64
Red Hatopenshift4/ose-console@sha256:6eb96545d7bed1a5da8ff4c9673baf5ad29a44107b47d707285482264b5f75ed_amd64 as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-console@sha256:6eb96545d7bed1a5da8ff4c9673baf5ad29a44107b47d707285482264b5f75ed_amd64
Red Hatopenshift4/ose-network-metrics-daemon-rhel8@sha256:9ef4d9c080f77a96f38a4e94ca40fdf0b91a49cb4087f7e3083bc40774f8dda6_s390x as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-network-metrics-daemon-rhel8@sha256:9ef4d9c080f77a96f38a4e94ca40fdf0b91a49cb4087f7e3083bc40774f8dda6_s390x, openshift4/ose-network-metrics-daemon-rhel8@sha256:9ef4d9c080f77a96f38a4e94ca40fdf0b91a49cb4087f7e3083bc40774f8dda6_s390x
Red Hatopenshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:6e34090767b86a0a94643e39851de9e204d8184009ae3a1602cbbb307de24730_ppc64le as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:6e34090767b86a0a94643e39851de9e204d8184009ae3a1602cbbb307de24730_ppc64le
Red Hatopenshift4/ose-csi-driver-nfs-rhel8@sha256:c794a7f095013a1574a258691f7502d2ca1c5d017926772eb93e0e3069422c39_amd64 as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-csi-driver-nfs-rhel8@sha256:c794a7f095013a1574a258691f7502d2ca1c5d017926772eb93e0e3069422c39_amd64, openshift4/ose-csi-driver-nfs-rhel8@sha256:c794a7f095013a1574a258691f7502d2ca1c5d017926772eb93e0e3069422c39_amd64
Red Hatopenshift4/ose-prometheus-node-exporter@sha256:b52adea99db02532f7872306d197bb4c7b999eb6c6437654308eef12754bf104_s390x as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-prometheus-node-exporter@sha256:b52adea99db02532f7872306d197bb4c7b999eb6c6437654308eef12754bf104_s390x, openshift4/ose-prometheus-node-exporter@sha256:b52adea99db02532f7872306d197bb4c7b999eb6c6437654308eef12754bf104_s390x
Red Hatopenshift4/ose-csi-node-driver-registrar@sha256:80dea93e20a001994b2e2dad3e1b3b7532b22585126c8cdbe5f4afbfe142e19c_s390x as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-csi-node-driver-registrar@sha256:80dea93e20a001994b2e2dad3e1b3b7532b22585126c8cdbe5f4afbfe142e19c_s390x
Red Hatopenshift4/ose-cluster-autoscaler@sha256:72e887092d462320da30bcf484b01c3232ed6b1ed75645e54c62b135ab657e58_amd64 as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-cluster-autoscaler@sha256:72e887092d462320da30bcf484b01c3232ed6b1ed75645e54c62b135ab657e58_amd64
Red Hatopenshift4/ose-kube-rbac-proxy@sha256:a9e4a2b723f3e024549c9e1baafd9185f6c502590239d1415775090c66a70aed_s390x as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-kube-rbac-proxy@sha256:a9e4a2b723f3e024549c9e1baafd9185f6c502590239d1415775090c66a70aed_s390x, openshift4/ose-kube-rbac-proxy@sha256:a9e4a2b723f3e024549c9e1baafd9185f6c502590239d1415775090c66a70aed_s390x
Red Hatopenshift4/ose-cluster-storage-operator@sha256:9e27631ffed84bc32715ca0f8cf9bb9dea6ad87720ecffde2da266c601d4dc7c_amd64 as a component of Red Hat OpenShift Container Platform 4.8*, openshift4/ose-cluster-storage-operator@sha256:9e27631ffed84bc32715ca0f8cf9bb9dea6ad87720ecffde2da266c601d4dc7c_amd64
Red Hatopenshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:bce86bfe3a594dec0670ae67828d3aeabda615e6e763a704ca029370ea5e97b8_amd64 as a component of Red Hat OpenShift Container Platform 4.8*
Red Hatopenshift4/ose-vsphere-problem-detector-rhel8@sha256:951a51b56371cd4cb3431ac8a1ef9d5f21a3374f14ff3734cae07fa5704b7b71_amd64 as a component of Red Hat OpenShift Container Platform 4.8*, openshift4/ose-vsphere-problem-detector-rhel8@sha256:951a51b56371cd4cb3431ac8a1ef9d5f21a3374f14ff3734cae07fa5704b7b71_amd64
Red Hatopenshift4/ose-operator-registry@sha256:2369e22821cb8d09b826aeb9ff328d4bebe25aa2410b3084e7a7888c6f361da7_amd64 as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-operator-registry@sha256:2369e22821cb8d09b826aeb9ff328d4bebe25aa2410b3084e7a7888c6f361da7_amd64
Red Hatopenshift4/ose-telemeter@sha256:1519e995f0fbc1dbff828fbd2b0b7735348101a54b65c3b132cb967a876ade2f_ppc64le as a component of Red Hat OpenShift Container Platform 4.8*, openshift4/ose-telemeter@sha256:1519e995f0fbc1dbff828fbd2b0b7735348101a54b65c3b132cb967a876ade2f_ppc64le
Red Hatopenshift4/ose-multus-route-override-cni-rhel8@sha256:769479a696176fa9d6896ee99edf949b8b1edf04eebfaf9cdbc1dace4daad5d2_s390x as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-multus-route-override-cni-rhel8@sha256:769479a696176fa9d6896ee99edf949b8b1edf04eebfaf9cdbc1dace4daad5d2_s390x
Red Hatopenshift4/ose-cluster-etcd-rhel8-operator@sha256:eecfc22eaafcca25b6a9b5fadcea60717bb35e5c2ff1294eab66937f12c052aa_ppc64le as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-cluster-etcd-rhel8-operator@sha256:eecfc22eaafcca25b6a9b5fadcea60717bb35e5c2ff1294eab66937f12c052aa_ppc64le
Red Hatopenshift4/ose-tests@sha256:73ca39363d52e8b0d4bf377fb55aa7b3b128dd464fee4a8ad77201d608496d64_ppc64le as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-tests@sha256:73ca39363d52e8b0d4bf377fb55aa7b3b128dd464fee4a8ad77201d608496d64_ppc64le
Red Hatopenshift4/ose-kuryr-cni-rhel8@sha256:5a557c28b7652a314d1fb19471bf864bdb79786953651272533779fe49cebc03_amd64 as a component of Red Hat OpenShift Container Platform 4.8*
Red Hatopenshift4/ose-oauth-server-rhel8@sha256:aa963222162bbd414fd7f3dcf446f0fde03bfed58a6dc049b6ced0064523aa81_amd64 as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-oauth-server-rhel8@sha256:aa963222162bbd414fd7f3dcf446f0fde03bfed58a6dc049b6ced0064523aa81_amd64, openshift4/ose-oauth-server-rhel8@sha256:aa963222162bbd414fd7f3dcf446f0fde03bfed58a6dc049b6ced0064523aa81_amd64
Red Hatopenshift4/ose-multus-admission-controller@sha256:d08a722fff5c0bac8bb5d89e76dbfa8d17a6df1734b4f69f1dd73f41a1a11278_s390x as a component of Red Hat OpenShift Container Platform 4.8openshift4/ose-multus-admission-controller@sha256:d08a722fff5c0bac8bb5d89e76dbfa8d17a6df1734b4f69f1dd73f41a1a11278_s390x

…and 722 more

Timeline

  • Aug 10, 2021 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 29, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›