VDB
RHSA-2023%3A0778
RHSA-2023%3A0778
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-csi-snapshot-controller@sha256:967a206d30388c3a5831798bb57a9f085c753d47bc5935da0c39d1362dcf3520_s390x as a component of Red Hat OpenShift Container Platform 4.9 | *, openshift4/ose-csi-snapshot-controller@sha256:967a206d30388c3a5831798bb57a9f085c753d47bc5935da0c39d1362dcf3520_s390x |
| Red Hat | openshift4/ose-haproxy-router@sha256:39895a4ef887b75e507f4134b9423eb31502d4cd8abf38d9812643d917f4aedb_s390x as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-haproxy-router@sha256:39895a4ef887b75e507f4134b9423eb31502d4cd8abf38d9812643d917f4aedb_s390x, *, openshift4/ose-haproxy-router@sha256:39895a4ef887b75e507f4134b9423eb31502d4cd8abf38d9812643d917f4aedb_s390x |
| Red Hat | openshift4/ose-docker-builder@sha256:01beff02e16695cd6d5577dc8c2601545cac06893b6d7feb257ec51a97ba9c1e_amd64 as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-docker-builder@sha256:01beff02e16695cd6d5577dc8c2601545cac06893b6d7feb257ec51a97ba9c1e_amd64, openshift4/ose-docker-builder@sha256:01beff02e16695cd6d5577dc8c2601545cac06893b6d7feb257ec51a97ba9c1e_amd64 |
| Red Hat | openshift4/ose-aws-ebs-csi-driver-rhel8@sha256:20b5c5dfdc98f8abe3da1147801ba39350459923bcd100f7909d062fce7c0589_arm64 as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-aws-ebs-csi-driver-rhel8@sha256:20b5c5dfdc98f8abe3da1147801ba39350459923bcd100f7909d062fce7c0589_arm64, openshift4/ose-aws-ebs-csi-driver-rhel8@sha256:20b5c5dfdc98f8abe3da1147801ba39350459923bcd100f7909d062fce7c0589_arm64, * |
| Red Hat | openshift4/ose-oauth-server-rhel8@sha256:88d657089815ba803d290072cb1b5adbab39aa9e20ed97b0ea54859ae13e0b27_amd64 as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-oauth-server-rhel8@sha256:88d657089815ba803d290072cb1b5adbab39aa9e20ed97b0ea54859ae13e0b27_amd64, *, * |
| Red Hat | openshift4/ose-cluster-storage-operator@sha256:4b0edac4bd97cda609f5ddd289eac3ef3be91bca234b63fbce74e4828b6657cb_s390x as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-cluster-storage-operator@sha256:4b0edac4bd97cda609f5ddd289eac3ef3be91bca234b63fbce74e4828b6657cb_s390x, * |
| Red Hat | openshift4/ose-multus-cni@sha256:ef6c51d26bbb559733c161fa596ba978541ed6033bff7d4d02c536ce15ee1857_ppc64le as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-multus-cni@sha256:ef6c51d26bbb559733c161fa596ba978541ed6033bff7d4d02c536ce15ee1857_ppc64le, openshift4/ose-multus-cni@sha256:ef6c51d26bbb559733c161fa596ba978541ed6033bff7d4d02c536ce15ee1857_ppc64le |
| Red Hat | openshift4/ose-aws-machine-controllers@sha256:5c37ab49b7186a02f3048a6c79ed9dc753463c2d5a48744ec654f0e8c4e9b37b_arm64 as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-aws-machine-controllers@sha256:5c37ab49b7186a02f3048a6c79ed9dc753463c2d5a48744ec654f0e8c4e9b37b_arm64, *, openshift4/ose-aws-machine-controllers@sha256:5c37ab49b7186a02f3048a6c79ed9dc753463c2d5a48744ec654f0e8c4e9b37b_arm64 |
| Red Hat | openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:07f85af9fdf83f9c2ea107f1e2c8ebcf297cefc00268c23117bb941d905729a8_amd64 as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:07f85af9fdf83f9c2ea107f1e2c8ebcf297cefc00268c23117bb941d905729a8_amd64, openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:07f85af9fdf83f9c2ea107f1e2c8ebcf297cefc00268c23117bb941d905729a8_amd64, openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:07f85af9fdf83f9c2ea107f1e2c8ebcf297cefc00268c23117bb941d905729a8_amd64 |
| Red Hat | openshift4/ose-csi-external-snapshotter-rhel8@sha256:649416cd25577675a82812d7885d2662807dfc52377619521d52fbbe7062ce2f_amd64 as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-csi-external-snapshotter-rhel8@sha256:649416cd25577675a82812d7885d2662807dfc52377619521d52fbbe7062ce2f_amd64, * |
| Red Hat | openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:9ca28db42fc0ff6c058d5c711af31b3159baf18d391735c1fee5153be1ed1725_arm64 as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:9ca28db42fc0ff6c058d5c711af31b3159baf18d391735c1fee5153be1ed1725_arm64, *, openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:9ca28db42fc0ff6c058d5c711af31b3159baf18d391735c1fee5153be1ed1725_arm64 |
| Red Hat | openshift4/ose-baremetal-machine-controllers@sha256:2825d08f7fdfb6d7574fabe1e848ca93d0bbc00e015f4f63230a283a4dbe130e_s390x as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-baremetal-machine-controllers@sha256:2825d08f7fdfb6d7574fabe1e848ca93d0bbc00e015f4f63230a283a4dbe130e_s390x, * |
| Red Hat | openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f7b633680e6589e4917bcb57c764133fd113e812be9f89e48211373893e40148_s390x as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f7b633680e6589e4917bcb57c764133fd113e812be9f89e48211373893e40148_s390x, openshift4/ose-baremetal-runtimecfg-rhel8@sha256:f7b633680e6589e4917bcb57c764133fd113e812be9f89e48211373893e40148_s390x |
| Red Hat | openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:f081f5fe0742f46bdeaed79c97c9ffa6ac554a6fcce4303aacb72e321f21e1e6_s390x as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:f081f5fe0742f46bdeaed79c97c9ffa6ac554a6fcce4303aacb72e321f21e1e6_s390x, openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:f081f5fe0742f46bdeaed79c97c9ffa6ac554a6fcce4303aacb72e321f21e1e6_s390x, * |
| Red Hat | openshift4/ose-prometheus-config-reloader@sha256:2911b780c184c573781102e6cb22b2d8333e52346cafcc20c60f7616b3865437_arm64 as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-prometheus-config-reloader@sha256:2911b780c184c573781102e6cb22b2d8333e52346cafcc20c60f7616b3865437_arm64, *, openshift4/ose-prometheus-config-reloader@sha256:2911b780c184c573781102e6cb22b2d8333e52346cafcc20c60f7616b3865437_arm64 |
| Red Hat | openshift4/ose-openshift-apiserver-rhel8@sha256:2b3033ff10b78566361f73d6b52aae132937831f373509c47e7a17dc57057892_amd64 as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-openshift-apiserver-rhel8@sha256:2b3033ff10b78566361f73d6b52aae132937831f373509c47e7a17dc57057892_amd64, openshift4/ose-openshift-apiserver-rhel8@sha256:2b3033ff10b78566361f73d6b52aae132937831f373509c47e7a17dc57057892_amd64 |
| Red Hat | openshift4/ose-pod@sha256:7c666951fa17beab7fa2b6db5bd30f5d45211644c09449ed4a2b4c99e89b2517_amd64 as a component of Red Hat OpenShift Container Platform 4.9 | *, *, * |
| Red Hat | openshift4/ose-vsphere-csi-driver-rhel8@sha256:2e23960ffac66a4a990afab623a9263c2631c426c4ce8c0def7f38cf50212e62_amd64 as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-vsphere-csi-driver-rhel8@sha256:2e23960ffac66a4a990afab623a9263c2631c426c4ce8c0def7f38cf50212e62_amd64, openshift4/ose-vsphere-csi-driver-rhel8@sha256:2e23960ffac66a4a990afab623a9263c2631c426c4ce8c0def7f38cf50212e62_amd64, openshift4/ose-vsphere-csi-driver-rhel8@sha256:2e23960ffac66a4a990afab623a9263c2631c426c4ce8c0def7f38cf50212e62_amd64 |
| Red Hat | openshift4/ose-cluster-machine-approver@sha256:4629f13404daff1a0b3af6d3fdf23e7c57b9889c3499a38749797200a5ba4918_ppc64le as a component of Red Hat OpenShift Container Platform 4.9 | *, * |
| Red Hat | openshift4/ose-service-ca-operator@sha256:721529a127ce9ea2ccfa979638f10821d039d5c3628a2a893e9d03151b592e96_amd64 as a component of Red Hat OpenShift Container Platform 4.9 | openshift4/ose-service-ca-operator@sha256:721529a127ce9ea2ccfa979638f10821d039d5c3628a2a893e9d03151b592e96_amd64, * |
…and 1044 more
Timeline
- Feb 22, 2023 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- May 15, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2023:0778 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2163037 issue
- https://issues.redhat.com/browse/OCPBUGS-2572 advisory
- https://issues.redhat.com/browse/OCPBUGS-4051 advisory
- https://issues.redhat.com/browse/OCPBUGS-4111 advisory
- https://issues.redhat.com/browse/OCPBUGS-5938 advisory
- https://issues.redhat.com/browse/OCPBUGS-6516 advisory
- https://issues.redhat.com/browse/OCPBUGS-6932 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0778.json advisory
- https://access.redhat.com/security/cve/CVE-2022-3064 advisory
- https://www.cve.org/CVERecord?id=CVE-2022-3064 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-3064 advisory
- https://github.com/advisories/GHSA-6q6q-88xp-6f2r advisory
- https://github.com/go-yaml/yaml/commit/f221b8435cfb71e54062f6c6e99e9ade30b124d5 advisory
- https://github.com/go-yaml/yaml/releases/tag/v2.2.4 advisory
- https://pkg.go.dev/vuln/GO-2022-0956 advisory