VDB

RHSA-2023%3A0890

RHSA-2023%3A0890 PUBLISHED CVSS 7.5 HIGH

A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-docker-builder@sha256:4d1d6e3c42969febd68a6bb165d040c50d8482a58956f5cc7e54df19dc60a05b_amd64 as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatopenshift4/ose-cluster-storage-operator@sha256:55ca28fcce44d3909136dd143ff985953755e808ccc0ad46bb936f16ca851e14_s390x as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-cluster-storage-operator@sha256:55ca28fcce44d3909136dd143ff985953755e808ccc0ad46bb936f16ca851e14_s390x
Red Hatopenshift4/ose-hypershift-rhel8@sha256:a6144b5148789cb8e7468738402d2741e8dae070cff3e635310f65b18efe1871_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-hypershift-rhel8@sha256:a6144b5148789cb8e7468738402d2741e8dae070cff3e635310f65b18efe1871_amd64
Red Hatopenshift4/driver-toolkit-rhel8@sha256:df42b4785a7a662b30da53bdb0d206120cf4d24b45674227b16051ba4b7c3934_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/driver-toolkit-rhel8@sha256:df42b4785a7a662b30da53bdb0d206120cf4d24b45674227b16051ba4b7c3934_amd64
Red Hatopenshift4/ose-baremetal-installer-rhel8@sha256:3000ff52beee58fe3ec501f4649ff8029904f1e851f27a8a484d406764ad7eb8_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-baremetal-installer-rhel8@sha256:3000ff52beee58fe3ec501f4649ff8029904f1e851f27a8a484d406764ad7eb8_amd64
Red Hatopenshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:a6fc71263662f0b26ab7ec1f772323b740d8f0bc6079ba516537b02d9b48e26a_s390x as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:a6fc71263662f0b26ab7ec1f772323b740d8f0bc6079ba516537b02d9b48e26a_s390x
Red Hatopenshift4/ose-haproxy-router@sha256:51f00c0886cef5f1975238c058b7d3ab18099fe0029a28eb29f27515aba8681a_s390x as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatopenshift4/ose-console@sha256:b9f1ed9e892270c6d8083487bd612fc207fcb90c2752fa89426e25f45e7c1c0b_arm64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-console@sha256:b9f1ed9e892270c6d8083487bd612fc207fcb90c2752fa89426e25f45e7c1c0b_arm64
Red Hatopenshift4/ose-ovn-kubernetes@sha256:22ae12dfd7dcfb1b7a929bd4eba3405464b9e8439f62719569c136b6f3388521_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-ovn-kubernetes@sha256:22ae12dfd7dcfb1b7a929bd4eba3405464b9e8439f62719569c136b6f3388521_amd64
Red Hatopenshift4/ose-hypershift-rhel8@sha256:17fbbc414543ca9ed3244e723d629c7d4ea2ea036c315f819e06c773ee5a4bf9_ppc64le as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-hypershift-rhel8@sha256:17fbbc414543ca9ed3244e723d629c7d4ea2ea036c315f819e06c773ee5a4bf9_ppc64le
Red Hatopenshift4/ose-cluster-network-operator@sha256:9e533687d28fd847ef7204dd2b96ab8f3337792f110ab3f7488280c9cce7bb33_s390x as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-cluster-network-operator@sha256:9e533687d28fd847ef7204dd2b96ab8f3337792f110ab3f7488280c9cce7bb33_s390x
Red Hatopenshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:7ba4345961105cf7421122b7ae92752df2a0c462ef8379f3bdd30ef0f4e327b0_arm64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:7ba4345961105cf7421122b7ae92752df2a0c462ef8379f3bdd30ef0f4e327b0_arm64
Red Hatopenshift4/ose-cluster-kube-controller-manager-operator@sha256:009e95dc03680d408b1db99abc9aa9874963318314fadba013c9044ed4474837_ppc64le as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-cluster-kube-controller-manager-operator@sha256:009e95dc03680d408b1db99abc9aa9874963318314fadba013c9044ed4474837_ppc64le
Red Hatopenshift4/ose-prometheus-operator@sha256:e4a33dc7b6bf8326818a1784d3246380e6b3ebfe633af522730ff7d36642b2fd_ppc64le as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-prometheus-operator@sha256:e4a33dc7b6bf8326818a1784d3246380e6b3ebfe633af522730ff7d36642b2fd_ppc64le
Red Hatopenshift4/ose-cluster-kube-scheduler-operator@sha256:779af88f91ccc5fc1c339557359c3d5b1bfe43f9237edb177e216efb576b1729_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-cluster-kube-scheduler-operator@sha256:779af88f91ccc5fc1c339557359c3d5b1bfe43f9237edb177e216efb576b1729_amd64
Red Hatopenshift4/ose-hypershift-rhel8@sha256:cb0b25fa2dbd5a420bd4b21824a4c48fda862dd24125926cadfb45da597ec231_arm64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-hypershift-rhel8@sha256:cb0b25fa2dbd5a420bd4b21824a4c48fda862dd24125926cadfb45da597ec231_arm64
Red Hatopenshift4/ose-baremetal-installer-rhel8@sha256:e3f9a8320c2f57783565a7ada6ec90b7f513195f2ce2970ee36ce7873641c490_ppc64le as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-baremetal-installer-rhel8@sha256:e3f9a8320c2f57783565a7ada6ec90b7f513195f2ce2970ee36ce7873641c490_ppc64le
Red Hatopenshift4/ose-cluster-kube-controller-manager-operator@sha256:dd79acf9a4a2d639fdf2b90e1434a8d17ea933081e0fbb5ed6270e3e88301d23_s390x as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-cluster-kube-controller-manager-operator@sha256:dd79acf9a4a2d639fdf2b90e1434a8d17ea933081e0fbb5ed6270e3e88301d23_s390x
Red Hatopenshift4/ose-cluster-kube-apiserver-operator@sha256:63362cbc3c7dc8b5bffcbd4f3a69febac913a52ff0bd6598923955d4812b4938_arm64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-cluster-kube-apiserver-operator@sha256:63362cbc3c7dc8b5bffcbd4f3a69febac913a52ff0bd6598923955d4812b4938_arm64
Red Hatopenshift4/ose-operator-marketplace@sha256:11de8a54201e8d843485ba692334da0d041af73587e5f929ae7180e48e9cdbd7_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-operator-marketplace@sha256:11de8a54201e8d843485ba692334da0d041af73587e5f929ae7180e48e9cdbd7_amd64

…and 238 more

Timeline

  • Feb 28, 2023 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 30, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›