VDB
RHSA-2021%3A2983
RHSA-2021%3A2983
PUBLISHED
CVSS 5.900000095367432 MEDIUM
A vulnerability was detected in net/http of the Go standard library when parsing very large HTTP header values, causing a crash and subsequent denial of service. This vulnerability affects both clients and servers written in Go, however, servers are only vulnerable if the value of MaxHeaderBytes has been increased from the default.
Risk Scores
CVSS 3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:c010c3107ff49de133e60bab4df048a8e0ad60daf07cdcc8c7003f0f4d8d03e6_amd64 as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:c010c3107ff49de133e60bab4df048a8e0ad60daf07cdcc8c7003f0f4d8d03e6_amd64 |
| Red Hat | openshift4/ose-console@sha256:6eb96545d7bed1a5da8ff4c9673baf5ad29a44107b47d707285482264b5f75ed_amd64 as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-console@sha256:6eb96545d7bed1a5da8ff4c9673baf5ad29a44107b47d707285482264b5f75ed_amd64 |
| Red Hat | openshift4/ose-network-metrics-daemon-rhel8@sha256:9ef4d9c080f77a96f38a4e94ca40fdf0b91a49cb4087f7e3083bc40774f8dda6_s390x as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-network-metrics-daemon-rhel8@sha256:9ef4d9c080f77a96f38a4e94ca40fdf0b91a49cb4087f7e3083bc40774f8dda6_s390x, openshift4/ose-network-metrics-daemon-rhel8@sha256:9ef4d9c080f77a96f38a4e94ca40fdf0b91a49cb4087f7e3083bc40774f8dda6_s390x |
| Red Hat | openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:6e34090767b86a0a94643e39851de9e204d8184009ae3a1602cbbb307de24730_ppc64le as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:6e34090767b86a0a94643e39851de9e204d8184009ae3a1602cbbb307de24730_ppc64le |
| Red Hat | openshift4/ose-csi-driver-nfs-rhel8@sha256:c794a7f095013a1574a258691f7502d2ca1c5d017926772eb93e0e3069422c39_amd64 as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-csi-driver-nfs-rhel8@sha256:c794a7f095013a1574a258691f7502d2ca1c5d017926772eb93e0e3069422c39_amd64, openshift4/ose-csi-driver-nfs-rhel8@sha256:c794a7f095013a1574a258691f7502d2ca1c5d017926772eb93e0e3069422c39_amd64 |
| Red Hat | openshift4/ose-prometheus-node-exporter@sha256:b52adea99db02532f7872306d197bb4c7b999eb6c6437654308eef12754bf104_s390x as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-prometheus-node-exporter@sha256:b52adea99db02532f7872306d197bb4c7b999eb6c6437654308eef12754bf104_s390x, openshift4/ose-prometheus-node-exporter@sha256:b52adea99db02532f7872306d197bb4c7b999eb6c6437654308eef12754bf104_s390x |
| Red Hat | openshift4/ose-csi-node-driver-registrar@sha256:80dea93e20a001994b2e2dad3e1b3b7532b22585126c8cdbe5f4afbfe142e19c_s390x as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-csi-node-driver-registrar@sha256:80dea93e20a001994b2e2dad3e1b3b7532b22585126c8cdbe5f4afbfe142e19c_s390x |
| Red Hat | openshift4/ose-cluster-autoscaler@sha256:72e887092d462320da30bcf484b01c3232ed6b1ed75645e54c62b135ab657e58_amd64 as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-cluster-autoscaler@sha256:72e887092d462320da30bcf484b01c3232ed6b1ed75645e54c62b135ab657e58_amd64 |
| Red Hat | openshift4/ose-kube-rbac-proxy@sha256:a9e4a2b723f3e024549c9e1baafd9185f6c502590239d1415775090c66a70aed_s390x as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-kube-rbac-proxy@sha256:a9e4a2b723f3e024549c9e1baafd9185f6c502590239d1415775090c66a70aed_s390x, openshift4/ose-kube-rbac-proxy@sha256:a9e4a2b723f3e024549c9e1baafd9185f6c502590239d1415775090c66a70aed_s390x |
| Red Hat | openshift4/ose-cluster-storage-operator@sha256:9e27631ffed84bc32715ca0f8cf9bb9dea6ad87720ecffde2da266c601d4dc7c_amd64 as a component of Red Hat OpenShift Container Platform 4.8 | *, openshift4/ose-cluster-storage-operator@sha256:9e27631ffed84bc32715ca0f8cf9bb9dea6ad87720ecffde2da266c601d4dc7c_amd64 |
| Red Hat | openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:bce86bfe3a594dec0670ae67828d3aeabda615e6e763a704ca029370ea5e97b8_amd64 as a component of Red Hat OpenShift Container Platform 4.8 | * |
| Red Hat | openshift4/ose-vsphere-problem-detector-rhel8@sha256:951a51b56371cd4cb3431ac8a1ef9d5f21a3374f14ff3734cae07fa5704b7b71_amd64 as a component of Red Hat OpenShift Container Platform 4.8 | *, openshift4/ose-vsphere-problem-detector-rhel8@sha256:951a51b56371cd4cb3431ac8a1ef9d5f21a3374f14ff3734cae07fa5704b7b71_amd64 |
| Red Hat | openshift4/ose-operator-registry@sha256:2369e22821cb8d09b826aeb9ff328d4bebe25aa2410b3084e7a7888c6f361da7_amd64 as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-operator-registry@sha256:2369e22821cb8d09b826aeb9ff328d4bebe25aa2410b3084e7a7888c6f361da7_amd64 |
| Red Hat | openshift4/ose-telemeter@sha256:1519e995f0fbc1dbff828fbd2b0b7735348101a54b65c3b132cb967a876ade2f_ppc64le as a component of Red Hat OpenShift Container Platform 4.8 | *, openshift4/ose-telemeter@sha256:1519e995f0fbc1dbff828fbd2b0b7735348101a54b65c3b132cb967a876ade2f_ppc64le |
| Red Hat | openshift4/ose-multus-route-override-cni-rhel8@sha256:769479a696176fa9d6896ee99edf949b8b1edf04eebfaf9cdbc1dace4daad5d2_s390x as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-multus-route-override-cni-rhel8@sha256:769479a696176fa9d6896ee99edf949b8b1edf04eebfaf9cdbc1dace4daad5d2_s390x |
| Red Hat | openshift4/ose-cluster-etcd-rhel8-operator@sha256:eecfc22eaafcca25b6a9b5fadcea60717bb35e5c2ff1294eab66937f12c052aa_ppc64le as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-cluster-etcd-rhel8-operator@sha256:eecfc22eaafcca25b6a9b5fadcea60717bb35e5c2ff1294eab66937f12c052aa_ppc64le |
| Red Hat | openshift4/ose-tests@sha256:73ca39363d52e8b0d4bf377fb55aa7b3b128dd464fee4a8ad77201d608496d64_ppc64le as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-tests@sha256:73ca39363d52e8b0d4bf377fb55aa7b3b128dd464fee4a8ad77201d608496d64_ppc64le |
| Red Hat | openshift4/ose-kuryr-cni-rhel8@sha256:5a557c28b7652a314d1fb19471bf864bdb79786953651272533779fe49cebc03_amd64 as a component of Red Hat OpenShift Container Platform 4.8 | * |
| Red Hat | openshift4/ose-oauth-server-rhel8@sha256:aa963222162bbd414fd7f3dcf446f0fde03bfed58a6dc049b6ced0064523aa81_amd64 as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-oauth-server-rhel8@sha256:aa963222162bbd414fd7f3dcf446f0fde03bfed58a6dc049b6ced0064523aa81_amd64, openshift4/ose-oauth-server-rhel8@sha256:aa963222162bbd414fd7f3dcf446f0fde03bfed58a6dc049b6ced0064523aa81_amd64 |
| Red Hat | openshift4/ose-multus-admission-controller@sha256:d08a722fff5c0bac8bb5d89e76dbfa8d17a6df1734b4f69f1dd73f41a1a11278_s390x as a component of Red Hat OpenShift Container Platform 4.8 | openshift4/ose-multus-admission-controller@sha256:d08a722fff5c0bac8bb5d89e76dbfa8d17a6df1734b4f69f1dd73f41a1a11278_s390x |
…and 722 more
Timeline
- Aug 10, 2021 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 29, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2021:2983 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1938967 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1943565 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1947809 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1948021 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1948629 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1957222 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1957512 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1958341 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1960446 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1961057 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1965503 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1967949 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1971730 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1972478 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1973662 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1974812 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1975559 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1976008 issue
…and 45 more