VDB
RHSA-2022%3A6263
RHSA-2022%3A6263
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-cluster-logging-operator@sha256:a69ce04217450ad48f90740ce4451d913826f22751fe5c3a1c12eb02d016c6ec_amd64 as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-cluster-logging-operator@sha256:a69ce04217450ad48f90740ce4451d913826f22751fe5c3a1c12eb02d016c6ec_amd64 |
| Red Hat | openshift4/ose-logging-fluentd@sha256:5fceda13d99e14f3788fb8f9c0fca2488b3ba1bf6c4b2c705dcbb551571444a5_amd64 as a component of Red Hat OpenShift Container Platform 4.6 | * |
| Red Hat | openshift4/ose-local-storage-static-provisioner@sha256:8cab47325d207a71a6cbe86ebd7709ba82bb859c35a349b9f2e6184e5503a6b1_amd64 as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-local-storage-static-provisioner@sha256:8cab47325d207a71a6cbe86ebd7709ba82bb859c35a349b9f2e6184e5503a6b1_amd64 |
| Red Hat | openshift4/ose-egress-http-proxy@sha256:133914176044f6f521856c8d51c78883a9436b9f52c06c9d6913d87e8aefe0ba_s390x as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-egress-http-proxy@sha256:133914176044f6f521856c8d51c78883a9436b9f52c06c9d6913d87e8aefe0ba_s390x |
| Red Hat | openshift4/ose-sriov-network-operator@sha256:fe2d6766d7029ea200bed6ffac5dd3a4c4b50f7987f1b8209396823a6ade0526_s390x as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-sriov-network-operator@sha256:fe2d6766d7029ea200bed6ffac5dd3a4c4b50f7987f1b8209396823a6ade0526_s390x |
| Red Hat | openshift4/ose-egress-http-proxy@sha256:be985277a8d5ddf42260a660b324220e89293269b5cc13892239f979e6cb732d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-egress-http-proxy@sha256:be985277a8d5ddf42260a660b324220e89293269b5cc13892239f979e6cb732d_ppc64le |
| Red Hat | openshift4/ose-sriov-operator-must-gather@sha256:c924feefd25e638da685ba9dbff0022491fd0938c95eb4710f6df170d113dc46_amd64 as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-sriov-operator-must-gather@sha256:c924feefd25e638da685ba9dbff0022491fd0938c95eb4710f6df170d113dc46_amd64 |
| Red Hat | openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:246a014e430784186871c8a508e443caa4a9feb093cd6af72e9881e30d5946b6_ppc64le as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:246a014e430784186871c8a508e443caa4a9feb093cd6af72e9881e30d5946b6_ppc64le |
| Red Hat | openshift4/ose-logging-kibana6@sha256:088146bfeb73cffbb298a1924690f956ae8e1490f37bd9ab017c20e1aa580bfc_ppc64le as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-logging-kibana6@sha256:088146bfeb73cffbb298a1924690f956ae8e1490f37bd9ab017c20e1aa580bfc_ppc64le |
| Red Hat | openshift4/ose-helm-operator@sha256:3d6ea89f340f232197d92fb76b9ee1e3cd01c2c68ccd32ffa0079679b5ca84a7_ppc64le as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-helm-operator@sha256:3d6ea89f340f232197d92fb76b9ee1e3cd01c2c68ccd32ffa0079679b5ca84a7_ppc64le |
| Red Hat | openshift4/ose-metering-helm-container-rhel8@sha256:f9d3c4275c8550f01d5f8bc79a00e3573d26c1a3bae4908e962a4004a4687ab6_amd64 as a component of Red Hat OpenShift Container Platform 4.6 | * |
| Red Hat | openshift4/ose-metering-helm-container-rhel8@sha256:346ce3b03503db720d36fd4f517aa479f49079214ca4ff9235676dd08809fe26_ppc64le as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-metering-helm-container-rhel8@sha256:346ce3b03503db720d36fd4f517aa479f49079214ca4ff9235676dd08809fe26_ppc64le |
| Red Hat | openshift4/ose-logging-kibana6@sha256:7569c32d3aaafd3b89144e0bd8e571ad617e2b6de4917c17fbaf7c2578df6164_amd64 as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-logging-kibana6@sha256:7569c32d3aaafd3b89144e0bd8e571ad617e2b6de4917c17fbaf7c2578df6164_amd64 |
| Red Hat | openshift4/ose-clusterresourceoverride-rhel8@sha256:2d6095765d4abfbcfd74794d9602033c2d49c8e909413b0b7a6f17d1f5e15881_amd64 as a component of Red Hat OpenShift Container Platform 4.6 | * |
| Red Hat | openshift4/ose-egress-dns-proxy@sha256:cd182bcd78e9016e2d754372d648993aae24278e1389d361409b44cbe5c1a380_s390x as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-egress-dns-proxy@sha256:cd182bcd78e9016e2d754372d648993aae24278e1389d361409b44cbe5c1a380_s390x |
| Red Hat | openshift4/ose-metering-hive@sha256:6c52ee69f8c6a7abd593a6bd8dbef511b2385ab3495e63d5adf72163001bb2ac_amd64 as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-metering-hive@sha256:6c52ee69f8c6a7abd593a6bd8dbef511b2385ab3495e63d5adf72163001bb2ac_amd64 |
| Red Hat | openshift4/ose-sriov-network-webhook@sha256:5c9c51701ede61036a4f5900bd28c7d09b0e2eea3a74eb5c9aa5b703ee6b3201_amd64 as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-sriov-network-webhook@sha256:5c9c51701ede61036a4f5900bd28c7d09b0e2eea3a74eb5c9aa5b703ee6b3201_amd64 |
| Red Hat | openshift4/ose-logging-curator5@sha256:81a040c904e61127de9aa1456a1c6ed3307a4fbae8b9ec4c73ca2b99b13da1c4_ppc64le as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-logging-curator5@sha256:81a040c904e61127de9aa1456a1c6ed3307a4fbae8b9ec4c73ca2b99b13da1c4_ppc64le |
| Red Hat | openshift4/ose-ptp@sha256:26615f1c6f2ad2fd7acb44c923c758edfa2ecacb2db7b448ec60822f1d2d3069_ppc64le as a component of Red Hat OpenShift Container Platform 4.6 | * |
| Red Hat | openshift4/ose-ptp@sha256:ecebbebf0886dade09921ee9526cf29160429dffb23be1d1141167d0179d0ea7_amd64 as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/ose-ptp@sha256:ecebbebf0886dade09921ee9526cf29160429dffb23be1d1141167d0179d0ea7_amd64 |
…and 232 more
Timeline
- Sep 9, 2022 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 30, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2022:6263 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2086496 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2091584 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2100495 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6263.json advisory
- https://access.redhat.com/security/cve/CVE-2021-38561 advisory
- https://www.cve.org/CVERecord?id=CVE-2021-38561 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-38561 advisory
- https://pkg.go.dev/vuln/GO-2021-0113 advisory