VDB

RHSA-2022%3A5026

RHSA-2022%3A5026 PUBLISHED CVSS 7.5 HIGH

A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatcontainer-native-virtualization/hostpath-csi-driver-rhel8@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64 as a component of CNV 4.10 for RHEL 8container-native-virtualization/hostpath-csi-driver-rhel8@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64, container-native-virtualization/hostpath-csi-driver-rhel8@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64
Red Hatcontainer-native-virtualization/hostpath-csi-driver@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64 as a component of CNV 4.10 for RHEL 8*, container-native-virtualization/hostpath-csi-driver@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64
Red Hatcontainer-native-virtualization/hostpath-csi-driver-rhel8@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64 as a component of CNV 4.10 for RHEL 8*, container-native-virtualization/hostpath-csi-driver-rhel8@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64
Red Hatcontainer-native-virtualization/hostpath-csi-driver@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64 as a component of CNV 4.10 for RHEL 8*, *

Timeline

  • Jun 14, 2022 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 14, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›