VDB

RHSA-2023%3A1310

RHSA-2023%3A1310 PUBLISHED CVSS 5.300000190734863 MEDIUM

A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.

Risk Scores

CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products

VendorProductVersions
Red Hatopenshift-logging/logging-view-plugin-rhel8@sha256:d0c04934018c8c1409e4a7ff41c3c1b002f33a6a5837a5d628a779626a4466ff_amd64 as a component of RHOL 5.5 for RHEL 8openshift-logging/logging-view-plugin-rhel8@sha256:d0c04934018c8c1409e4a7ff41c3c1b002f33a6a5837a5d628a779626a4466ff_amd64
Red Hatopenshift-logging/fluentd-rhel8@sha256:7ba453711bbfa2bde1ab759d77eef773fa7bda16d4dc5e305025175d1ff96edc_ppc64le as a component of RHOL 5.5 for RHEL 8openshift-logging/fluentd-rhel8@sha256:7ba453711bbfa2bde1ab759d77eef773fa7bda16d4dc5e305025175d1ff96edc_ppc64le
Red Hatopenshift-logging/kibana6-rhel8@sha256:a75e1dc70df128550b4ed4c12d96038f8383b8545de734ecce9027adc1ce1a35_ppc64le as a component of RHOL 5.5 for RHEL 8*
Red Hatopenshift-logging/kibana6-rhel8@sha256:10722dc15493513ac834200593930eb93a6b231a16365dd92e5b117570a472f7_s390x as a component of RHOL 5.5 for RHEL 8*
Red Hatopenshift-logging/log-file-metric-exporter-rhel8@sha256:2382d3a838eeb88c6df26747b86e818c13f78212803d24b6186764c975717a6e_amd64 as a component of RHOL 5.5 for RHEL 8openshift-logging/log-file-metric-exporter-rhel8@sha256:2382d3a838eeb88c6df26747b86e818c13f78212803d24b6186764c975717a6e_amd64
Red Hatopenshift-logging/elasticsearch6-rhel8@sha256:01fea4b904e5081994feca65f14a113bee7402e6f9e32c86de56d78892069248_amd64 as a component of RHOL 5.5 for RHEL 8openshift-logging/elasticsearch6-rhel8@sha256:01fea4b904e5081994feca65f14a113bee7402e6f9e32c86de56d78892069248_amd64
Red Hatopenshift-logging/logging-view-plugin-rhel8@sha256:9bb6a3e6085a9f1c62276f6fc816b281340d9064a08eeac8dba107b43270c13b_arm64 as a component of RHOL 5.5 for RHEL 8openshift-logging/logging-view-plugin-rhel8@sha256:9bb6a3e6085a9f1c62276f6fc816b281340d9064a08eeac8dba107b43270c13b_arm64
Red Hatopenshift-logging/elasticsearch-proxy-rhel8@sha256:22aeaaee7f95e69f14732084758be53e37734a65a1c02dd05143d56654167968_ppc64le as a component of RHOL 5.5 for RHEL 8openshift-logging/elasticsearch-proxy-rhel8@sha256:22aeaaee7f95e69f14732084758be53e37734a65a1c02dd05143d56654167968_ppc64le
Red Hatopenshift-logging/opa-openshift-rhel8@sha256:8ccdc6e5f1dd5a4e31e7f546abb47993ed95487860af01e1ed4bea3a1b28ff51_ppc64le as a component of RHOL 5.5 for RHEL 8openshift-logging/opa-openshift-rhel8@sha256:8ccdc6e5f1dd5a4e31e7f546abb47993ed95487860af01e1ed4bea3a1b28ff51_ppc64le
Red Hatopenshift-logging/opa-openshift-rhel8@sha256:280c2a3d668341679a88de4922b3d9916b7f423efd2aee5c4b7be7d0d7223434_amd64 as a component of RHOL 5.5 for RHEL 8openshift-logging/opa-openshift-rhel8@sha256:280c2a3d668341679a88de4922b3d9916b7f423efd2aee5c4b7be7d0d7223434_amd64
Red Hatopenshift-logging/logging-loki-rhel8@sha256:bdaef9fea459531f4b786f922eb07f0e68a57a4ef60d28f3219b1e5d380087ac_ppc64le as a component of RHOL 5.5 for RHEL 8openshift-logging/logging-loki-rhel8@sha256:bdaef9fea459531f4b786f922eb07f0e68a57a4ef60d28f3219b1e5d380087ac_ppc64le
Red Hatopenshift-logging/eventrouter-rhel8@sha256:e51150b8d08b80036d68631f9fc91e9da331725d58c65699090c5dd0d7f338e5_amd64 as a component of RHOL 5.5 for RHEL 8openshift-logging/eventrouter-rhel8@sha256:e51150b8d08b80036d68631f9fc91e9da331725d58c65699090c5dd0d7f338e5_amd64
Red Hatopenshift-logging/loki-rhel8-operator@sha256:0a30ca84f0bfe7125b3a3233053b73cb4c8a85359b45d11a1bfdb5d54de05579_arm64 as a component of RHOL 5.5 for RHEL 8openshift-logging/loki-rhel8-operator@sha256:0a30ca84f0bfe7125b3a3233053b73cb4c8a85359b45d11a1bfdb5d54de05579_arm64
Red Hatopenshift-logging/vector-rhel8@sha256:c69856e661af2bf9f49d4beedbd705e3f73a106814e09fbd79eb0c91dae3eb32_amd64 as a component of RHOL 5.5 for RHEL 8*
Red Hatopenshift-logging/lokistack-gateway-rhel8@sha256:505bb6e8390f1bf6faa4d9886d7b3bac3b38ef5a3b44d030f75a6389709054ea_s390x as a component of RHOL 5.5 for RHEL 8openshift-logging/lokistack-gateway-rhel8@sha256:505bb6e8390f1bf6faa4d9886d7b3bac3b38ef5a3b44d030f75a6389709054ea_s390x
Red Hatopenshift-logging/eventrouter-rhel8@sha256:abc73d7c56ac041fb666c0fcd954cbdd5bb1e7f5574ae8f44d110d9464d63e53_ppc64le as a component of RHOL 5.5 for RHEL 8openshift-logging/eventrouter-rhel8@sha256:abc73d7c56ac041fb666c0fcd954cbdd5bb1e7f5574ae8f44d110d9464d63e53_ppc64le
Red Hatopenshift-logging/elasticsearch-proxy-rhel8@sha256:ca144406aa4d66149d9c530f245c11eb753b0a20a2f09411202b19f238d474ae_amd64 as a component of RHOL 5.5 for RHEL 8openshift-logging/elasticsearch-proxy-rhel8@sha256:ca144406aa4d66149d9c530f245c11eb753b0a20a2f09411202b19f238d474ae_amd64
Red Hatopenshift-logging/loki-rhel8-operator@sha256:fe586c119e3273fc8014d297e7634943d92705af2beb09557fbec5d39f59ff6e_ppc64le as a component of RHOL 5.5 for RHEL 8*
Red Hatopenshift-logging/elasticsearch-proxy-rhel8@sha256:ca144406aa4d66149d9c530f245c11eb753b0a20a2f09411202b19f238d474ae_amd64 as a component of RHOL 5.5 for RHEL 8openshift-logging/elasticsearch-proxy-rhel8@sha256:ca144406aa4d66149d9c530f245c11eb753b0a20a2f09411202b19f238d474ae_amd64
Red Hatopenshift-logging/log-file-metric-exporter-rhel8@sha256:2382d3a838eeb88c6df26747b86e818c13f78212803d24b6186764c975717a6e_amd64 as a component of RHOL 5.5 for RHEL 8openshift-logging/log-file-metric-exporter-rhel8@sha256:2382d3a838eeb88c6df26747b86e818c13f78212803d24b6186764c975717a6e_amd64

…and 106 more

Timeline

  • Mar 29, 2023 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 30, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›