VDB

RHSA-2022%3A7261

RHSA-2022%3A7261 PUBLISHED CVSS 7.5 HIGH

A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatoadp/oadp-registry-rhel8@sha256:2caeb1c05f0d5ecf46884898beb5a2e188416b8338db589d9554bcc228a6e34c_amd64 as a component of 8Base-OADP-1.0oadp/oadp-registry-rhel8@sha256:2caeb1c05f0d5ecf46884898beb5a2e188416b8338db589d9554bcc228a6e34c_amd64, *
Red Hatoadp/oadp-rhel8-operator@sha256:da2c0d5effcb7fb963b49e45607a8ec5ddf7ede6141a849dbe09c39faae0a83f_amd64 as a component of 8Base-OADP-1.0oadp/oadp-rhel8-operator@sha256:da2c0d5effcb7fb963b49e45607a8ec5ddf7ede6141a849dbe09c39faae0a83f_amd64, *
Red Hatoadp/oadp-velero-rhel8@sha256:04d1779175d2e576226acfd80852b9e73acbf0f4a93e1086f66a6277a5f66f9c_amd64 as a component of 8Base-OADP-1.0*, oadp/oadp-velero-rhel8@sha256:04d1779175d2e576226acfd80852b9e73acbf0f4a93e1086f66a6277a5f66f9c_amd64
Red Hatoadp/oadp-velero-plugin-for-csi-rhel8@sha256:7b6c7690d11b5ae519db6ceeb46f84b81e45e4501a1635b74ee2909f09164a03_amd64 as a component of 8Base-OADP-1.0oadp/oadp-velero-plugin-for-csi-rhel8@sha256:7b6c7690d11b5ae519db6ceeb46f84b81e45e4501a1635b74ee2909f09164a03_amd64, *
Red Hatoadp/oadp-operator-bundle@sha256:13bf1ae0a74f3838435ccd6ff396e6f5656b39b7c7aa60f8fbe1f97ea34da997_amd64 as a component of 8Base-OADP-1.0*, oadp/oadp-operator-bundle@sha256:13bf1ae0a74f3838435ccd6ff396e6f5656b39b7c7aa60f8fbe1f97ea34da997_amd64
Red Hatoadp/oadp-velero-rhel8@sha256:04d1779175d2e576226acfd80852b9e73acbf0f4a93e1086f66a6277a5f66f9c_amd64 as a component of 8Base-OADP-1.0oadp/oadp-velero-rhel8@sha256:04d1779175d2e576226acfd80852b9e73acbf0f4a93e1086f66a6277a5f66f9c_amd64, oadp/oadp-velero-rhel8@sha256:04d1779175d2e576226acfd80852b9e73acbf0f4a93e1086f66a6277a5f66f9c_amd64
Red Hatoadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2d56c97327c3ae58e452fc8d36abcf900724cfc3f47eface24114d2ace1fadae_amd64 as a component of 8Base-OADP-1.0oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2d56c97327c3ae58e452fc8d36abcf900724cfc3f47eface24114d2ace1fadae_amd64, oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2d56c97327c3ae58e452fc8d36abcf900724cfc3f47eface24114d2ace1fadae_amd64
Red Hatoadp/oadp-rhel8-operator@sha256:da2c0d5effcb7fb963b49e45607a8ec5ddf7ede6141a849dbe09c39faae0a83f_amd64 as a component of 8Base-OADP-1.0oadp/oadp-rhel8-operator@sha256:da2c0d5effcb7fb963b49e45607a8ec5ddf7ede6141a849dbe09c39faae0a83f_amd64, oadp/oadp-rhel8-operator@sha256:da2c0d5effcb7fb963b49e45607a8ec5ddf7ede6141a849dbe09c39faae0a83f_amd64
Red Hatoadp/oadp-velero-plugin-rhel8@sha256:c7b4157aa82060778a669962fc1381f531b3c99ef7e2dcd5718f47822817fc27_amd64 as a component of 8Base-OADP-1.0*, oadp/oadp-velero-plugin-rhel8@sha256:c7b4157aa82060778a669962fc1381f531b3c99ef7e2dcd5718f47822817fc27_amd64
Red Hatoadp/oadp-velero-plugin-for-csi-rhel8@sha256:7b6c7690d11b5ae519db6ceeb46f84b81e45e4501a1635b74ee2909f09164a03_amd64 as a component of 8Base-OADP-1.0oadp/oadp-velero-plugin-for-csi-rhel8@sha256:7b6c7690d11b5ae519db6ceeb46f84b81e45e4501a1635b74ee2909f09164a03_amd64, oadp/oadp-velero-plugin-for-csi-rhel8@sha256:7b6c7690d11b5ae519db6ceeb46f84b81e45e4501a1635b74ee2909f09164a03_amd64
Red Hatoadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:dea2e2a9e1624b5e2fe2cfe01ae992516bed85301fb08dd1460d70249fc27458_amd64 as a component of 8Base-OADP-1.0*, *
Red Hatoadp/oadp-velero-plugin-for-aws-rhel8@sha256:45bbf084f3dd9150be49be6b901b32c6c57c7784496286f2dde33d2dc92683bc_amd64 as a component of 8Base-OADP-1.0*, oadp/oadp-velero-plugin-for-aws-rhel8@sha256:45bbf084f3dd9150be49be6b901b32c6c57c7784496286f2dde33d2dc92683bc_amd64
Red Hatoadp/oadp-velero-plugin-rhel8@sha256:c7b4157aa82060778a669962fc1381f531b3c99ef7e2dcd5718f47822817fc27_amd64 as a component of 8Base-OADP-1.0*, oadp/oadp-velero-plugin-rhel8@sha256:c7b4157aa82060778a669962fc1381f531b3c99ef7e2dcd5718f47822817fc27_amd64
Red Hatoadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:dea2e2a9e1624b5e2fe2cfe01ae992516bed85301fb08dd1460d70249fc27458_amd64 as a component of 8Base-OADP-1.0*, *
Red Hatoadp/oadp-mustgather-rhel8@sha256:30651665c25b23d6bd4902add5987b2d95e01d2d0fd6d94e9b572505c5473148_amd64 as a component of 8Base-OADP-1.0*, *
Red Hatoadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2d56c97327c3ae58e452fc8d36abcf900724cfc3f47eface24114d2ace1fadae_amd64 as a component of 8Base-OADP-1.0*, oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2d56c97327c3ae58e452fc8d36abcf900724cfc3f47eface24114d2ace1fadae_amd64
Red Hatoadp/oadp-velero-restic-restore-helper-rhel8@sha256:ff6ea5f1f5e7667a186787e3e0fceec154d65f7f6cc004e179c7d3442a6c7823_amd64 as a component of 8Base-OADP-1.0oadp/oadp-velero-restic-restore-helper-rhel8@sha256:ff6ea5f1f5e7667a186787e3e0fceec154d65f7f6cc004e179c7d3442a6c7823_amd64, *
Red Hatoadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4820936703441b1b06194fc59473c030ce6bc2dd729e0840a290250875ca936f_amd64 as a component of 8Base-OADP-1.0oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4820936703441b1b06194fc59473c030ce6bc2dd729e0840a290250875ca936f_amd64, oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4820936703441b1b06194fc59473c030ce6bc2dd729e0840a290250875ca936f_amd64
Red Hatoadp/oadp-velero-plugin-for-aws-rhel8@sha256:45bbf084f3dd9150be49be6b901b32c6c57c7784496286f2dde33d2dc92683bc_amd64 as a component of 8Base-OADP-1.0oadp/oadp-velero-plugin-for-aws-rhel8@sha256:45bbf084f3dd9150be49be6b901b32c6c57c7784496286f2dde33d2dc92683bc_amd64, *
Red Hatoadp/oadp-mustgather-rhel8@sha256:30651665c25b23d6bd4902add5987b2d95e01d2d0fd6d94e9b572505c5473148_amd64 as a component of 8Base-OADP-1.0*, oadp/oadp-mustgather-rhel8@sha256:30651665c25b23d6bd4902add5987b2d95e01d2d0fd6d94e9b572505c5473148_amd64

…and 4 more

Timeline

  • Oct 31, 2022 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 14, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›