VDB
RHSA-2022%3A5026
RHSA-2022%3A5026
PUBLISHED
CVSS 7.5 HIGH
A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | container-native-virtualization/hostpath-csi-driver-rhel8@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64 as a component of CNV 4.10 for RHEL 8 | container-native-virtualization/hostpath-csi-driver-rhel8@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64, container-native-virtualization/hostpath-csi-driver-rhel8@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64 |
| Red Hat | container-native-virtualization/hostpath-csi-driver@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64 as a component of CNV 4.10 for RHEL 8 | *, container-native-virtualization/hostpath-csi-driver@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64 |
| Red Hat | container-native-virtualization/hostpath-csi-driver-rhel8@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64 as a component of CNV 4.10 for RHEL 8 | *, container-native-virtualization/hostpath-csi-driver-rhel8@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64 |
| Red Hat | container-native-virtualization/hostpath-csi-driver@sha256:bef6d1db4e5d8084d9e18745b48f5c29a82c3b772f4255982470ea17dec2b9d8_amd64 as a component of CNV 4.10 for RHEL 8 | *, * |
Timeline
- Jun 14, 2022 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- May 14, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2022:5026 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2016290 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2033346 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2037605 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2045880 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2074384 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2080453 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2080918 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2083594 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2085459 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2086114 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2086541 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2088476 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2088622 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2089637 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2089658 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2089661 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5026.json advisory
- https://access.redhat.com/security/cve/CVE-2022-21698 advisory
…and 3 more