VDB
RHSA-2023%3A0890
RHSA-2023%3A0890
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-docker-builder@sha256:4d1d6e3c42969febd68a6bb165d040c50d8482a58956f5cc7e54df19dc60a05b_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | * |
| Red Hat | openshift4/ose-cluster-storage-operator@sha256:55ca28fcce44d3909136dd143ff985953755e808ccc0ad46bb936f16ca851e14_s390x as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-cluster-storage-operator@sha256:55ca28fcce44d3909136dd143ff985953755e808ccc0ad46bb936f16ca851e14_s390x |
| Red Hat | openshift4/ose-hypershift-rhel8@sha256:a6144b5148789cb8e7468738402d2741e8dae070cff3e635310f65b18efe1871_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-hypershift-rhel8@sha256:a6144b5148789cb8e7468738402d2741e8dae070cff3e635310f65b18efe1871_amd64 |
| Red Hat | openshift4/driver-toolkit-rhel8@sha256:df42b4785a7a662b30da53bdb0d206120cf4d24b45674227b16051ba4b7c3934_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/driver-toolkit-rhel8@sha256:df42b4785a7a662b30da53bdb0d206120cf4d24b45674227b16051ba4b7c3934_amd64 |
| Red Hat | openshift4/ose-baremetal-installer-rhel8@sha256:3000ff52beee58fe3ec501f4649ff8029904f1e851f27a8a484d406764ad7eb8_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-baremetal-installer-rhel8@sha256:3000ff52beee58fe3ec501f4649ff8029904f1e851f27a8a484d406764ad7eb8_amd64 |
| Red Hat | openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:a6fc71263662f0b26ab7ec1f772323b740d8f0bc6079ba516537b02d9b48e26a_s390x as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:a6fc71263662f0b26ab7ec1f772323b740d8f0bc6079ba516537b02d9b48e26a_s390x |
| Red Hat | openshift4/ose-haproxy-router@sha256:51f00c0886cef5f1975238c058b7d3ab18099fe0029a28eb29f27515aba8681a_s390x as a component of Red Hat OpenShift Container Platform 4.12 | * |
| Red Hat | openshift4/ose-console@sha256:b9f1ed9e892270c6d8083487bd612fc207fcb90c2752fa89426e25f45e7c1c0b_arm64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-console@sha256:b9f1ed9e892270c6d8083487bd612fc207fcb90c2752fa89426e25f45e7c1c0b_arm64 |
| Red Hat | openshift4/ose-ovn-kubernetes@sha256:22ae12dfd7dcfb1b7a929bd4eba3405464b9e8439f62719569c136b6f3388521_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-ovn-kubernetes@sha256:22ae12dfd7dcfb1b7a929bd4eba3405464b9e8439f62719569c136b6f3388521_amd64 |
| Red Hat | openshift4/ose-hypershift-rhel8@sha256:17fbbc414543ca9ed3244e723d629c7d4ea2ea036c315f819e06c773ee5a4bf9_ppc64le as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-hypershift-rhel8@sha256:17fbbc414543ca9ed3244e723d629c7d4ea2ea036c315f819e06c773ee5a4bf9_ppc64le |
| Red Hat | openshift4/ose-cluster-network-operator@sha256:9e533687d28fd847ef7204dd2b96ab8f3337792f110ab3f7488280c9cce7bb33_s390x as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-cluster-network-operator@sha256:9e533687d28fd847ef7204dd2b96ab8f3337792f110ab3f7488280c9cce7bb33_s390x |
| Red Hat | openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:7ba4345961105cf7421122b7ae92752df2a0c462ef8379f3bdd30ef0f4e327b0_arm64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:7ba4345961105cf7421122b7ae92752df2a0c462ef8379f3bdd30ef0f4e327b0_arm64 |
| Red Hat | openshift4/ose-cluster-kube-controller-manager-operator@sha256:009e95dc03680d408b1db99abc9aa9874963318314fadba013c9044ed4474837_ppc64le as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-cluster-kube-controller-manager-operator@sha256:009e95dc03680d408b1db99abc9aa9874963318314fadba013c9044ed4474837_ppc64le |
| Red Hat | openshift4/ose-prometheus-operator@sha256:e4a33dc7b6bf8326818a1784d3246380e6b3ebfe633af522730ff7d36642b2fd_ppc64le as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-prometheus-operator@sha256:e4a33dc7b6bf8326818a1784d3246380e6b3ebfe633af522730ff7d36642b2fd_ppc64le |
| Red Hat | openshift4/ose-cluster-kube-scheduler-operator@sha256:779af88f91ccc5fc1c339557359c3d5b1bfe43f9237edb177e216efb576b1729_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-cluster-kube-scheduler-operator@sha256:779af88f91ccc5fc1c339557359c3d5b1bfe43f9237edb177e216efb576b1729_amd64 |
| Red Hat | openshift4/ose-hypershift-rhel8@sha256:cb0b25fa2dbd5a420bd4b21824a4c48fda862dd24125926cadfb45da597ec231_arm64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-hypershift-rhel8@sha256:cb0b25fa2dbd5a420bd4b21824a4c48fda862dd24125926cadfb45da597ec231_arm64 |
| Red Hat | openshift4/ose-baremetal-installer-rhel8@sha256:e3f9a8320c2f57783565a7ada6ec90b7f513195f2ce2970ee36ce7873641c490_ppc64le as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-baremetal-installer-rhel8@sha256:e3f9a8320c2f57783565a7ada6ec90b7f513195f2ce2970ee36ce7873641c490_ppc64le |
| Red Hat | openshift4/ose-cluster-kube-controller-manager-operator@sha256:dd79acf9a4a2d639fdf2b90e1434a8d17ea933081e0fbb5ed6270e3e88301d23_s390x as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-cluster-kube-controller-manager-operator@sha256:dd79acf9a4a2d639fdf2b90e1434a8d17ea933081e0fbb5ed6270e3e88301d23_s390x |
| Red Hat | openshift4/ose-cluster-kube-apiserver-operator@sha256:63362cbc3c7dc8b5bffcbd4f3a69febac913a52ff0bd6598923955d4812b4938_arm64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-cluster-kube-apiserver-operator@sha256:63362cbc3c7dc8b5bffcbd4f3a69febac913a52ff0bd6598923955d4812b4938_arm64 |
| Red Hat | openshift4/ose-operator-marketplace@sha256:11de8a54201e8d843485ba692334da0d041af73587e5f929ae7180e48e9cdbd7_amd64 as a component of Red Hat OpenShift Container Platform 4.12 | openshift4/ose-operator-marketplace@sha256:11de8a54201e8d843485ba692334da0d041af73587e5f929ae7180e48e9cdbd7_amd64 |
…and 238 more
Timeline
- Feb 28, 2023 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 30, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2023:0890 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://docs.openshift.com/container-platform/4.12/release_notes/ocp-4-12-release-notes.html advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2060978 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2100495 issue
- https://issues.redhat.com/browse/OCPBUGS-4072 advisory
- https://issues.redhat.com/browse/OCPBUGS-5569 advisory
- https://issues.redhat.com/browse/OCPBUGS-5953 advisory
- https://issues.redhat.com/browse/OCPBUGS-5992 advisory
- https://issues.redhat.com/browse/OCPBUGS-6666 advisory
- https://issues.redhat.com/browse/OCPBUGS-6671 advisory
- https://issues.redhat.com/browse/OCPBUGS-6782 advisory
- https://issues.redhat.com/browse/OCPBUGS-6816 advisory
- https://issues.redhat.com/browse/OCPBUGS-6831 advisory
- https://issues.redhat.com/browse/OCPBUGS-6833 advisory
- https://issues.redhat.com/browse/OCPBUGS-6873 advisory
- https://issues.redhat.com/browse/OCPBUGS-6887 advisory
- https://issues.redhat.com/browse/OCPBUGS-6935 advisory
- https://issues.redhat.com/browse/OCPBUGS-6943 advisory
- https://issues.redhat.com/browse/OCPBUGS-6966 advisory
…and 19 more