VDB

RHSA-2023%3A0481

RHSA-2023%3A0481 PUBLISHED CVSS 7.5 HIGH

A vulnerability was found in the golang.org/x/text/language package. An attacker can craft an Accept-Language header which ParseAcceptLanguage will take significant time to parse. This issue leads to a denial of service, and can impact availability.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatrhacm2/lighthouse-coredns-rhel8@sha256:dbc246166dd35202221ac3f885a0e46160a6d277a058b6d2f1c7ee571c673b50_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8*
Red Hatrhacm2/submariner-networkplugin-syncer-rhel8@sha256:39ca01ef63bc7d2663186a516456c90657b918a2ec044af7aadb1315a607f429_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8rhacm2/submariner-networkplugin-syncer-rhel8@sha256:39ca01ef63bc7d2663186a516456c90657b918a2ec044af7aadb1315a607f429_s390x
Red Hatrhacm2/submariner-route-agent-rhel8@sha256:497545ae0c5ae10463c5ef4a56c0e3733efbff2da65754dce4bbb977cb80d55a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8rhacm2/submariner-route-agent-rhel8@sha256:497545ae0c5ae10463c5ef4a56c0e3733efbff2da65754dce4bbb977cb80d55a_s390x
Red Hatrhacm2/submariner-networkplugin-syncer-rhel8@sha256:91bc8d57c88c771bda7a6703ced10e32e9999116fe8cb7e4adddb6198591eeac_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8rhacm2/submariner-networkplugin-syncer-rhel8@sha256:91bc8d57c88c771bda7a6703ced10e32e9999116fe8cb7e4adddb6198591eeac_amd64
Red Hatrhacm2/submariner-route-agent-rhel8@sha256:6bff7c4285999b218937924fc75e6303525089064f21d23234a01f453529fbf6_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8rhacm2/submariner-route-agent-rhel8@sha256:6bff7c4285999b218937924fc75e6303525089064f21d23234a01f453529fbf6_amd64
Red Hatrhacm2/lighthouse-coredns-rhel8@sha256:77e474f4e0be091c3772ec0c16f2a67168dfea599a1f4220deb2fcb795d2d9c7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8rhacm2/lighthouse-coredns-rhel8@sha256:77e474f4e0be091c3772ec0c16f2a67168dfea599a1f4220deb2fcb795d2d9c7_ppc64le
Red Hatrhacm2/submariner-gateway-rhel8@sha256:825db9cddd68a762e934bc855e5836e4f16a566f59d1310f45a06dac85ab8035_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8rhacm2/submariner-gateway-rhel8@sha256:825db9cddd68a762e934bc855e5836e4f16a566f59d1310f45a06dac85ab8035_s390x
Red Hatrhacm2/submariner-route-agent-rhel8@sha256:0f13ca7bb60b17115395a51421916f0136a6d1296da563ba609cf37ec4e31440_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8rhacm2/submariner-route-agent-rhel8@sha256:0f13ca7bb60b17115395a51421916f0136a6d1296da563ba609cf37ec4e31440_ppc64le
Red Hatrhacm2/subctl-rhel8@sha256:e6f5f07b97d4998c122cadeee693dce4d72f3bbe2c1f9703b15621b6531cf3a4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8*
Red Hatrhacm2/subctl-rhel8@sha256:e6f5f07b97d4998c122cadeee693dce4d72f3bbe2c1f9703b15621b6531cf3a4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8*
Red Hatrhacm2/submariner-rhel8-operator@sha256:2aad67f470d3a58382029b4db1459916036a8f41aed167d567eb1abef45cda3f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8rhacm2/submariner-rhel8-operator@sha256:2aad67f470d3a58382029b4db1459916036a8f41aed167d567eb1abef45cda3f_ppc64le
Red Hatrhacm2/submariner-gateway-rhel8@sha256:7b343f4f8ea08b2e2a670ee938a2286a92d701e5e92f4f43ee58e620e2ee070b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8rhacm2/submariner-gateway-rhel8@sha256:7b343f4f8ea08b2e2a670ee938a2286a92d701e5e92f4f43ee58e620e2ee070b_amd64
Red Hatrhacm2/lighthouse-agent-rhel8@sha256:b76b9fc2f08fdedd74511526b3f049a37e8beab3dddd9c3463ea20064aadf194_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8*
Red Hatrhacm2/subctl-rhel8@sha256:dae78580dc26a6beaaeef47575e0cc13c487d5cef1d72c415ddc19368ef3b4a5_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8rhacm2/subctl-rhel8@sha256:dae78580dc26a6beaaeef47575e0cc13c487d5cef1d72c415ddc19368ef3b4a5_arm64
Red Hatrhacm2/submariner-rhel8-operator@sha256:dc2a4dace498a5c6238c555411362c2e6166011582a572d3cab431c745143301_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8rhacm2/submariner-rhel8-operator@sha256:dc2a4dace498a5c6238c555411362c2e6166011582a572d3cab431c745143301_arm64
Red Hatrhacm2/submariner-networkplugin-syncer-rhel8@sha256:91bc8d57c88c771bda7a6703ced10e32e9999116fe8cb7e4adddb6198591eeac_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8rhacm2/submariner-networkplugin-syncer-rhel8@sha256:91bc8d57c88c771bda7a6703ced10e32e9999116fe8cb7e4adddb6198591eeac_amd64
Red Hatrhacm2/submariner-globalnet-rhel8@sha256:d855b05d15a54a88e2c026e0d1935b189dc7ceddb3a7b5b0672e8e4c715f3845_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8rhacm2/submariner-globalnet-rhel8@sha256:d855b05d15a54a88e2c026e0d1935b189dc7ceddb3a7b5b0672e8e4c715f3845_s390x
Red Hatrhacm2/submariner-route-agent-rhel8@sha256:6bff7c4285999b218937924fc75e6303525089064f21d23234a01f453529fbf6_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8rhacm2/submariner-route-agent-rhel8@sha256:6bff7c4285999b218937924fc75e6303525089064f21d23234a01f453529fbf6_amd64
Red Hatrhacm2/lighthouse-agent-rhel8@sha256:998706bb956a4fdd15526b5bb6a0458d59ea5cc537e2784b6dec1bb24b6aebbd_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8*
Red Hatrhacm2/submariner-globalnet-rhel8@sha256:3b04b0be64ea639e82496102236899cc62a2521c8e8bebd07c852118e76bce88_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8*

…and 52 more

Timeline

  • Jan 26, 2023 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 30, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›