VDB

RHSA-2022%3A6263

RHSA-2022%3A6263 PUBLISHED CVSS 7.5 HIGH

A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-cluster-logging-operator@sha256:a69ce04217450ad48f90740ce4451d913826f22751fe5c3a1c12eb02d016c6ec_amd64 as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-cluster-logging-operator@sha256:a69ce04217450ad48f90740ce4451d913826f22751fe5c3a1c12eb02d016c6ec_amd64
Red Hatopenshift4/ose-logging-fluentd@sha256:5fceda13d99e14f3788fb8f9c0fca2488b3ba1bf6c4b2c705dcbb551571444a5_amd64 as a component of Red Hat OpenShift Container Platform 4.6*
Red Hatopenshift4/ose-local-storage-static-provisioner@sha256:8cab47325d207a71a6cbe86ebd7709ba82bb859c35a349b9f2e6184e5503a6b1_amd64 as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-local-storage-static-provisioner@sha256:8cab47325d207a71a6cbe86ebd7709ba82bb859c35a349b9f2e6184e5503a6b1_amd64
Red Hatopenshift4/ose-egress-http-proxy@sha256:133914176044f6f521856c8d51c78883a9436b9f52c06c9d6913d87e8aefe0ba_s390x as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-egress-http-proxy@sha256:133914176044f6f521856c8d51c78883a9436b9f52c06c9d6913d87e8aefe0ba_s390x
Red Hatopenshift4/ose-sriov-network-operator@sha256:fe2d6766d7029ea200bed6ffac5dd3a4c4b50f7987f1b8209396823a6ade0526_s390x as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-sriov-network-operator@sha256:fe2d6766d7029ea200bed6ffac5dd3a4c4b50f7987f1b8209396823a6ade0526_s390x
Red Hatopenshift4/ose-egress-http-proxy@sha256:be985277a8d5ddf42260a660b324220e89293269b5cc13892239f979e6cb732d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-egress-http-proxy@sha256:be985277a8d5ddf42260a660b324220e89293269b5cc13892239f979e6cb732d_ppc64le
Red Hatopenshift4/ose-sriov-operator-must-gather@sha256:c924feefd25e638da685ba9dbff0022491fd0938c95eb4710f6df170d113dc46_amd64 as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-sriov-operator-must-gather@sha256:c924feefd25e638da685ba9dbff0022491fd0938c95eb4710f6df170d113dc46_amd64
Red Hatopenshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:246a014e430784186871c8a508e443caa4a9feb093cd6af72e9881e30d5946b6_ppc64le as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:246a014e430784186871c8a508e443caa4a9feb093cd6af72e9881e30d5946b6_ppc64le
Red Hatopenshift4/ose-logging-kibana6@sha256:088146bfeb73cffbb298a1924690f956ae8e1490f37bd9ab017c20e1aa580bfc_ppc64le as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-logging-kibana6@sha256:088146bfeb73cffbb298a1924690f956ae8e1490f37bd9ab017c20e1aa580bfc_ppc64le
Red Hatopenshift4/ose-helm-operator@sha256:3d6ea89f340f232197d92fb76b9ee1e3cd01c2c68ccd32ffa0079679b5ca84a7_ppc64le as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-helm-operator@sha256:3d6ea89f340f232197d92fb76b9ee1e3cd01c2c68ccd32ffa0079679b5ca84a7_ppc64le
Red Hatopenshift4/ose-metering-helm-container-rhel8@sha256:f9d3c4275c8550f01d5f8bc79a00e3573d26c1a3bae4908e962a4004a4687ab6_amd64 as a component of Red Hat OpenShift Container Platform 4.6*
Red Hatopenshift4/ose-metering-helm-container-rhel8@sha256:346ce3b03503db720d36fd4f517aa479f49079214ca4ff9235676dd08809fe26_ppc64le as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-metering-helm-container-rhel8@sha256:346ce3b03503db720d36fd4f517aa479f49079214ca4ff9235676dd08809fe26_ppc64le
Red Hatopenshift4/ose-logging-kibana6@sha256:7569c32d3aaafd3b89144e0bd8e571ad617e2b6de4917c17fbaf7c2578df6164_amd64 as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-logging-kibana6@sha256:7569c32d3aaafd3b89144e0bd8e571ad617e2b6de4917c17fbaf7c2578df6164_amd64
Red Hatopenshift4/ose-clusterresourceoverride-rhel8@sha256:2d6095765d4abfbcfd74794d9602033c2d49c8e909413b0b7a6f17d1f5e15881_amd64 as a component of Red Hat OpenShift Container Platform 4.6*
Red Hatopenshift4/ose-egress-dns-proxy@sha256:cd182bcd78e9016e2d754372d648993aae24278e1389d361409b44cbe5c1a380_s390x as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-egress-dns-proxy@sha256:cd182bcd78e9016e2d754372d648993aae24278e1389d361409b44cbe5c1a380_s390x
Red Hatopenshift4/ose-metering-hive@sha256:6c52ee69f8c6a7abd593a6bd8dbef511b2385ab3495e63d5adf72163001bb2ac_amd64 as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-metering-hive@sha256:6c52ee69f8c6a7abd593a6bd8dbef511b2385ab3495e63d5adf72163001bb2ac_amd64
Red Hatopenshift4/ose-sriov-network-webhook@sha256:5c9c51701ede61036a4f5900bd28c7d09b0e2eea3a74eb5c9aa5b703ee6b3201_amd64 as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-sriov-network-webhook@sha256:5c9c51701ede61036a4f5900bd28c7d09b0e2eea3a74eb5c9aa5b703ee6b3201_amd64
Red Hatopenshift4/ose-logging-curator5@sha256:81a040c904e61127de9aa1456a1c6ed3307a4fbae8b9ec4c73ca2b99b13da1c4_ppc64le as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-logging-curator5@sha256:81a040c904e61127de9aa1456a1c6ed3307a4fbae8b9ec4c73ca2b99b13da1c4_ppc64le
Red Hatopenshift4/ose-ptp@sha256:26615f1c6f2ad2fd7acb44c923c758edfa2ecacb2db7b448ec60822f1d2d3069_ppc64le as a component of Red Hat OpenShift Container Platform 4.6*
Red Hatopenshift4/ose-ptp@sha256:ecebbebf0886dade09921ee9526cf29160429dffb23be1d1141167d0179d0ea7_amd64 as a component of Red Hat OpenShift Container Platform 4.6openshift4/ose-ptp@sha256:ecebbebf0886dade09921ee9526cf29160429dffb23be1d1141167d0179d0ea7_amd64

…and 232 more

Timeline

  • Sep 9, 2022 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 30, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›