VDB

RHSA-2022%3A5525

RHSA-2022%3A5525 PUBLISHED CVSS 7.5 HIGH

A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatocp-tools-4/service-binding-rhel8-operator@sha256:07d3b3260a410508168c6be3daf4409829734320c7a5c3532d8bff20f12bf457_s390x as a component of OpenShift Developer Tools and Services for OCP 4.7 for RHEL 8ocp-tools-4/service-binding-rhel8-operator@sha256:07d3b3260a410508168c6be3daf4409829734320c7a5c3532d8bff20f12bf457_s390x
Red Hatocp-tools-4/service-binding-rhel8-operator@sha256:784d686cc3c2cec8b08204df52ff19693aea77513adeca186341ffecf90e2cb0_arm64 as a component of OpenShift Developer Tools and Services for OCP 4.7 for RHEL 8ocp-tools-4/service-binding-rhel8-operator@sha256:784d686cc3c2cec8b08204df52ff19693aea77513adeca186341ffecf90e2cb0_arm64
Red Hatocp-tools-4/service-binding-rhel8-operator@sha256:7b0b4560ee8056a748fe2f0520fc37fc3061c978fff418cd1ad0544b512afae3_amd64 as a component of OpenShift Developer Tools and Services for OCP 4.7 for RHEL 8ocp-tools-4/service-binding-rhel8-operator@sha256:7b0b4560ee8056a748fe2f0520fc37fc3061c978fff418cd1ad0544b512afae3_amd64
Red Hatocp-tools-4/service-binding-operator-bundle@sha256:44d2aa8f1f54834eae6500b04fc7d29c6082657fcb90467635483c934b23b8d8_amd64 as a component of OpenShift Developer Tools and Services for OCP 4.7 for RHEL 8ocp-tools-4/service-binding-operator-bundle@sha256:44d2aa8f1f54834eae6500b04fc7d29c6082657fcb90467635483c934b23b8d8_amd64
Red Hatocp-tools-4/service-binding-rhel8-operator@sha256:7b0b4560ee8056a748fe2f0520fc37fc3061c978fff418cd1ad0544b512afae3_amd64 as a component of OpenShift Developer Tools and Services for OCP 4.7 for RHEL 8ocp-tools-4/service-binding-rhel8-operator@sha256:7b0b4560ee8056a748fe2f0520fc37fc3061c978fff418cd1ad0544b512afae3_amd64
Red Hatocp-tools-4/service-binding-rhel8-operator@sha256:cd9e796396a18c4b0e39d7412aa7367d0fc371fab6144b7ac981db2235a403d5_ppc64le as a component of OpenShift Developer Tools and Services for OCP 4.7 for RHEL 8ocp-tools-4/service-binding-rhel8-operator@sha256:cd9e796396a18c4b0e39d7412aa7367d0fc371fab6144b7ac981db2235a403d5_ppc64le
Red Hatocp-tools-4/service-binding-rhel8-operator@sha256:784d686cc3c2cec8b08204df52ff19693aea77513adeca186341ffecf90e2cb0_arm64 as a component of OpenShift Developer Tools and Services for OCP 4.7 for RHEL 8ocp-tools-4/service-binding-rhel8-operator@sha256:784d686cc3c2cec8b08204df52ff19693aea77513adeca186341ffecf90e2cb0_arm64
Red Hatocp-tools-4/service-binding-rhel8-operator@sha256:cd9e796396a18c4b0e39d7412aa7367d0fc371fab6144b7ac981db2235a403d5_ppc64le as a component of OpenShift Developer Tools and Services for OCP 4.7 for RHEL 8ocp-tools-4/service-binding-rhel8-operator@sha256:cd9e796396a18c4b0e39d7412aa7367d0fc371fab6144b7ac981db2235a403d5_ppc64le
Red Hatocp-tools-4/service-binding-operator-bundle@sha256:44d2aa8f1f54834eae6500b04fc7d29c6082657fcb90467635483c934b23b8d8_amd64 as a component of OpenShift Developer Tools and Services for OCP 4.7 for RHEL 8ocp-tools-4/service-binding-operator-bundle@sha256:44d2aa8f1f54834eae6500b04fc7d29c6082657fcb90467635483c934b23b8d8_amd64
Red Hatocp-tools-4/service-binding-rhel8-operator@sha256:07d3b3260a410508168c6be3daf4409829734320c7a5c3532d8bff20f12bf457_s390x as a component of OpenShift Developer Tools and Services for OCP 4.7 for RHEL 8*

Timeline

  • Jul 7, 2022 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 30, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›