VDB
RHSA-2022%3A7261
RHSA-2022%3A7261
PUBLISHED
CVSS 7.5 HIGH
A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | oadp/oadp-registry-rhel8@sha256:2caeb1c05f0d5ecf46884898beb5a2e188416b8338db589d9554bcc228a6e34c_amd64 as a component of 8Base-OADP-1.0 | oadp/oadp-registry-rhel8@sha256:2caeb1c05f0d5ecf46884898beb5a2e188416b8338db589d9554bcc228a6e34c_amd64, * |
| Red Hat | oadp/oadp-rhel8-operator@sha256:da2c0d5effcb7fb963b49e45607a8ec5ddf7ede6141a849dbe09c39faae0a83f_amd64 as a component of 8Base-OADP-1.0 | oadp/oadp-rhel8-operator@sha256:da2c0d5effcb7fb963b49e45607a8ec5ddf7ede6141a849dbe09c39faae0a83f_amd64, * |
| Red Hat | oadp/oadp-velero-rhel8@sha256:04d1779175d2e576226acfd80852b9e73acbf0f4a93e1086f66a6277a5f66f9c_amd64 as a component of 8Base-OADP-1.0 | *, oadp/oadp-velero-rhel8@sha256:04d1779175d2e576226acfd80852b9e73acbf0f4a93e1086f66a6277a5f66f9c_amd64 |
| Red Hat | oadp/oadp-velero-plugin-for-csi-rhel8@sha256:7b6c7690d11b5ae519db6ceeb46f84b81e45e4501a1635b74ee2909f09164a03_amd64 as a component of 8Base-OADP-1.0 | oadp/oadp-velero-plugin-for-csi-rhel8@sha256:7b6c7690d11b5ae519db6ceeb46f84b81e45e4501a1635b74ee2909f09164a03_amd64, * |
| Red Hat | oadp/oadp-operator-bundle@sha256:13bf1ae0a74f3838435ccd6ff396e6f5656b39b7c7aa60f8fbe1f97ea34da997_amd64 as a component of 8Base-OADP-1.0 | *, oadp/oadp-operator-bundle@sha256:13bf1ae0a74f3838435ccd6ff396e6f5656b39b7c7aa60f8fbe1f97ea34da997_amd64 |
| Red Hat | oadp/oadp-velero-rhel8@sha256:04d1779175d2e576226acfd80852b9e73acbf0f4a93e1086f66a6277a5f66f9c_amd64 as a component of 8Base-OADP-1.0 | oadp/oadp-velero-rhel8@sha256:04d1779175d2e576226acfd80852b9e73acbf0f4a93e1086f66a6277a5f66f9c_amd64, oadp/oadp-velero-rhel8@sha256:04d1779175d2e576226acfd80852b9e73acbf0f4a93e1086f66a6277a5f66f9c_amd64 |
| Red Hat | oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2d56c97327c3ae58e452fc8d36abcf900724cfc3f47eface24114d2ace1fadae_amd64 as a component of 8Base-OADP-1.0 | oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2d56c97327c3ae58e452fc8d36abcf900724cfc3f47eface24114d2ace1fadae_amd64, oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2d56c97327c3ae58e452fc8d36abcf900724cfc3f47eface24114d2ace1fadae_amd64 |
| Red Hat | oadp/oadp-rhel8-operator@sha256:da2c0d5effcb7fb963b49e45607a8ec5ddf7ede6141a849dbe09c39faae0a83f_amd64 as a component of 8Base-OADP-1.0 | oadp/oadp-rhel8-operator@sha256:da2c0d5effcb7fb963b49e45607a8ec5ddf7ede6141a849dbe09c39faae0a83f_amd64, oadp/oadp-rhel8-operator@sha256:da2c0d5effcb7fb963b49e45607a8ec5ddf7ede6141a849dbe09c39faae0a83f_amd64 |
| Red Hat | oadp/oadp-velero-plugin-rhel8@sha256:c7b4157aa82060778a669962fc1381f531b3c99ef7e2dcd5718f47822817fc27_amd64 as a component of 8Base-OADP-1.0 | *, oadp/oadp-velero-plugin-rhel8@sha256:c7b4157aa82060778a669962fc1381f531b3c99ef7e2dcd5718f47822817fc27_amd64 |
| Red Hat | oadp/oadp-velero-plugin-for-csi-rhel8@sha256:7b6c7690d11b5ae519db6ceeb46f84b81e45e4501a1635b74ee2909f09164a03_amd64 as a component of 8Base-OADP-1.0 | oadp/oadp-velero-plugin-for-csi-rhel8@sha256:7b6c7690d11b5ae519db6ceeb46f84b81e45e4501a1635b74ee2909f09164a03_amd64, oadp/oadp-velero-plugin-for-csi-rhel8@sha256:7b6c7690d11b5ae519db6ceeb46f84b81e45e4501a1635b74ee2909f09164a03_amd64 |
| Red Hat | oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:dea2e2a9e1624b5e2fe2cfe01ae992516bed85301fb08dd1460d70249fc27458_amd64 as a component of 8Base-OADP-1.0 | *, * |
| Red Hat | oadp/oadp-velero-plugin-for-aws-rhel8@sha256:45bbf084f3dd9150be49be6b901b32c6c57c7784496286f2dde33d2dc92683bc_amd64 as a component of 8Base-OADP-1.0 | *, oadp/oadp-velero-plugin-for-aws-rhel8@sha256:45bbf084f3dd9150be49be6b901b32c6c57c7784496286f2dde33d2dc92683bc_amd64 |
| Red Hat | oadp/oadp-velero-plugin-rhel8@sha256:c7b4157aa82060778a669962fc1381f531b3c99ef7e2dcd5718f47822817fc27_amd64 as a component of 8Base-OADP-1.0 | *, oadp/oadp-velero-plugin-rhel8@sha256:c7b4157aa82060778a669962fc1381f531b3c99ef7e2dcd5718f47822817fc27_amd64 |
| Red Hat | oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:dea2e2a9e1624b5e2fe2cfe01ae992516bed85301fb08dd1460d70249fc27458_amd64 as a component of 8Base-OADP-1.0 | *, * |
| Red Hat | oadp/oadp-mustgather-rhel8@sha256:30651665c25b23d6bd4902add5987b2d95e01d2d0fd6d94e9b572505c5473148_amd64 as a component of 8Base-OADP-1.0 | *, * |
| Red Hat | oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2d56c97327c3ae58e452fc8d36abcf900724cfc3f47eface24114d2ace1fadae_amd64 as a component of 8Base-OADP-1.0 | *, oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2d56c97327c3ae58e452fc8d36abcf900724cfc3f47eface24114d2ace1fadae_amd64 |
| Red Hat | oadp/oadp-velero-restic-restore-helper-rhel8@sha256:ff6ea5f1f5e7667a186787e3e0fceec154d65f7f6cc004e179c7d3442a6c7823_amd64 as a component of 8Base-OADP-1.0 | oadp/oadp-velero-restic-restore-helper-rhel8@sha256:ff6ea5f1f5e7667a186787e3e0fceec154d65f7f6cc004e179c7d3442a6c7823_amd64, * |
| Red Hat | oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4820936703441b1b06194fc59473c030ce6bc2dd729e0840a290250875ca936f_amd64 as a component of 8Base-OADP-1.0 | oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4820936703441b1b06194fc59473c030ce6bc2dd729e0840a290250875ca936f_amd64, oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:4820936703441b1b06194fc59473c030ce6bc2dd729e0840a290250875ca936f_amd64 |
| Red Hat | oadp/oadp-velero-plugin-for-aws-rhel8@sha256:45bbf084f3dd9150be49be6b901b32c6c57c7784496286f2dde33d2dc92683bc_amd64 as a component of 8Base-OADP-1.0 | oadp/oadp-velero-plugin-for-aws-rhel8@sha256:45bbf084f3dd9150be49be6b901b32c6c57c7784496286f2dde33d2dc92683bc_amd64, * |
| Red Hat | oadp/oadp-mustgather-rhel8@sha256:30651665c25b23d6bd4902add5987b2d95e01d2d0fd6d94e9b572505c5473148_amd64 as a component of 8Base-OADP-1.0 | *, oadp/oadp-mustgather-rhel8@sha256:30651665c25b23d6bd4902add5987b2d95e01d2d0fd6d94e9b572505c5473148_amd64 |
…and 4 more
Timeline
- Oct 31, 2022 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- May 14, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2022:7261 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2045880 issue
- https://issues.redhat.com/browse/OADP-801 advisory
- https://issues.redhat.com/browse/OADP-812 advisory
- https://issues.redhat.com/browse/OADP-823 advisory
- https://issues.redhat.com/browse/OADP-829 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_7261.json advisory
- https://access.redhat.com/security/cve/CVE-2022-21698 advisory
- https://www.cve.org/CVERecord?id=CVE-2022-21698 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-21698 advisory
- https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p advisory