VDB

RHSA-2022%3A0434

RHSA-2022%3A0434 PUBLISHED CVSS 7.300000190734863 HIGH

A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Risk Scores

CVSS 3.1
7.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected Products

VendorProductVersions
Red Hatopenshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x as a component of Red Hat OpenShift Serverless 1.20openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x, *
Red Hatopenshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64 as a component of Red Hat OpenShift Serverless 1.20*, *
Red Hatopenshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le as a component of Red Hat OpenShift Serverless 1.20openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le
Red Hatopenshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64 as a component of Red Hat OpenShift Serverless 1.20*, *
Red Hatopenshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x as a component of Red Hat OpenShift Serverless 1.20*, *
Red Hatopenshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x as a component of Red Hat OpenShift Serverless 1.20*, openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x
Red Hatopenshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64 as a component of Red Hat OpenShift Serverless 1.20openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64
Red Hatopenshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64 as a component of Red Hat OpenShift Serverless 1.20*
Red Hatopenshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le as a component of Red Hat OpenShift Serverless 1.20openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le
Red Hatopenshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le as a component of Red Hat OpenShift Serverless 1.20openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le
Red Hatopenshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x as a component of Red Hat OpenShift Serverless 1.20*, *
Red Hatopenshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le as a component of Red Hat OpenShift Serverless 1.20*
Red Hatopenshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64 as a component of Red Hat OpenShift Serverless 1.20openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64, *
Red Hatopenshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x as a component of Red Hat OpenShift Serverless 1.20openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x
Red Hatopenshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64 as a component of Red Hat OpenShift Serverless 1.20*, *
Red Hatopenshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x as a component of Red Hat OpenShift Serverless 1.20openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x, *
Red Hatopenshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64 as a component of Red Hat OpenShift Serverless 1.20openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64
Red Hatopenshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le as a component of Red Hat OpenShift Serverless 1.20*, openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le
Red Hatopenshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le as a component of Red Hat OpenShift Serverless 1.20*, *
Red Hatopenshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le as a component of Red Hat OpenShift Serverless 1.20*, openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le

…and 180 more

Timeline

  • Feb 3, 2022 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›