VDB

RHSA-2023%3A4310

RHSA-2023%3A4310 PUBLISHED CVSS 7.5 HIGH

A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-cluster-policy-controller-rhel8@sha256:fa02c23d30f85a63e7132b020c650e53a6e51eae85e9357a9773f15c89d9bbb8_amd64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-cluster-policy-controller-rhel8@sha256:fa02c23d30f85a63e7132b020c650e53a6e51eae85e9357a9773f15c89d9bbb8_amd64
Red Hatopenshift4/ose-alibaba-disk-csi-driver-operator-container-rhel8@sha256:500b13afbdf96bcca357e7bfe55438dfb2fdc07a639fcc95014f4366e151b07d_amd64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-alibaba-disk-csi-driver-operator-container-rhel8@sha256:500b13afbdf96bcca357e7bfe55438dfb2fdc07a639fcc95014f4366e151b07d_amd64
Red Hatopenshift4/ose-csi-driver-manila-rhel8@sha256:29483751650427dce5ffd7822847f64b5fb176bb5e3c1ce1d3fb87d995286440_amd64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-csi-driver-manila-rhel8@sha256:29483751650427dce5ffd7822847f64b5fb176bb5e3c1ce1d3fb87d995286440_amd64
Red Hatopenshift4/ose-cluster-openshift-apiserver-operator@sha256:a16bf8398fe11aa4002ab13f8555eccf1f145d2ea02721f54a861958ce8724a9_arm64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-cluster-openshift-apiserver-operator@sha256:a16bf8398fe11aa4002ab13f8555eccf1f145d2ea02721f54a861958ce8724a9_arm64
Red Hatopenshift4/ose-cli-artifacts@sha256:177ecbbf75a9ad93a236c3e6dc12a109abc65be0dd533840f94f6d5fdd73eba2_amd64 as a component of Red Hat OpenShift Container Platform 4.11*
Red Hatopenshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:18ca8336cb961cc9ce0229183aecddeb963d39af38046f5f315629b6b99d101e_arm64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:18ca8336cb961cc9ce0229183aecddeb963d39af38046f5f315629b6b99d101e_arm64
Red Hatopenshift4/ose-operator-lifecycle-manager@sha256:569c976d45f76d48ff57d2a7caca2914aaad009050aa1a00d6132cc2d7ec942d_amd64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-operator-lifecycle-manager@sha256:569c976d45f76d48ff57d2a7caca2914aaad009050aa1a00d6132cc2d7ec942d_amd64
Red Hatopenshift4/ose-kube-state-metrics@sha256:f9611d34cae3bf3caf10ca14576e7cb7a41e34658e69aa9625c3ccb9c9072ce2_ppc64le as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-kube-state-metrics@sha256:f9611d34cae3bf3caf10ca14576e7cb7a41e34658e69aa9625c3ccb9c9072ce2_ppc64le
Red Hatopenshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:b3d13bafa4d85cd1d639b3794b94cf6238a21a52ffdfa931ea9605375e6b8afd_ppc64le as a component of Red Hat OpenShift Container Platform 4.11*
Red Hatopenshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:a3dac577d369f02316edb615a954f820568989589accec0d8891732e60f9f7c4_ppc64le as a component of Red Hat OpenShift Container Platform 4.11*
Red Hatopenshift4/ose-azure-disk-csi-driver-rhel8@sha256:039756ea3ff8e91d015c0cc872a93e4e1eca9d2e37f9332d0b1c018dc46224b0_arm64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-azure-disk-csi-driver-rhel8@sha256:039756ea3ff8e91d015c0cc872a93e4e1eca9d2e37f9332d0b1c018dc46224b0_arm64
Red Hatopenshift4/ose-csi-snapshot-controller@sha256:a6b98dc140fe646c29cfdac0f3b7feb831d3650ea7efc1b6514b84cf425959f0_ppc64le as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-csi-snapshot-controller@sha256:a6b98dc140fe646c29cfdac0f3b7feb831d3650ea7efc1b6514b84cf425959f0_ppc64le
Red Hatopenshift4/ose-cluster-machine-approver@sha256:7539e713fb6a6d59795e6f1ddffe5040464c1439a989b39635a464fbb2164297_arm64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-cluster-machine-approver@sha256:7539e713fb6a6d59795e6f1ddffe5040464c1439a989b39635a464fbb2164297_arm64
Red Hatopenshift4/ose-cluster-openshift-controller-manager-operator@sha256:367f86df18aab007afb3a06a90841958480315cb2c1cc8a81cdca3b5a71fb4c5_s390x as a component of Red Hat OpenShift Container Platform 4.11*
Red Hatopenshift4/ose-cluster-version-operator@sha256:786f8183e4d80503078180e28bcb034ce52967aef8a931cbca9ee8b32d76d8bc_ppc64le as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-cluster-version-operator@sha256:786f8183e4d80503078180e28bcb034ce52967aef8a931cbca9ee8b32d76d8bc_ppc64le
Red Hatopenshift4/ose-openshift-controller-manager-rhel8@sha256:acb2276cbbe9160dcef6dfbe43636479fae768b3de482792853a76cd98c15828_ppc64le as a component of Red Hat OpenShift Container Platform 4.11*
Red Hatopenshift4/ose-telemeter@sha256:4dcc105f34ba6146441353cf150c8ff4a8d4d5381125891bc0296b583fe0b9f9_amd64 as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-telemeter@sha256:4dcc105f34ba6146441353cf150c8ff4a8d4d5381125891bc0296b583fe0b9f9_amd64
Red Hatopenshift4/ose-kube-storage-version-migrator-rhel8@sha256:b7f82a2b1e5078bc2405fcbf3a3627d5f81c8ee3250a71fd4ccd204f88154b5f_amd64 as a component of Red Hat OpenShift Container Platform 4.11*
Red Hatopenshift4/ose-csi-external-attacher@sha256:5a819dccc0cab00045d878a81939b2f9b05a3dbcfa24394c5814b339bf733eb5_s390x as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-csi-external-attacher@sha256:5a819dccc0cab00045d878a81939b2f9b05a3dbcfa24394c5814b339bf733eb5_s390x
Red Hatopenshift4/ose-cluster-node-tuning-operator@sha256:ba6e4fd627fbe01279599c2c3ea72f843494b6296101ba9fd18d75453beae7de_ppc64le as a component of Red Hat OpenShift Container Platform 4.11openshift4/ose-cluster-node-tuning-operator@sha256:ba6e4fd627fbe01279599c2c3ea72f843494b6296101ba9fd18d75453beae7de_ppc64le

…and 1116 more

Timeline

  • Aug 2, 2023 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 30, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›