VDB

RHSA-2023%3A4603

RHSA-2023%3A4603 PUBLISHED CVSS 7.5 HIGH

A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/driver-toolkit-rhel9@sha256:1429a811ccf69ea7c900fc51f5ec4f3d27d08dd60926c62f927291408aae291d_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/driver-toolkit-rhel9@sha256:1429a811ccf69ea7c900fc51f5ec4f3d27d08dd60926c62f927291408aae291d_ppc64le, openshift4/driver-toolkit-rhel9@sha256:1429a811ccf69ea7c900fc51f5ec4f3d27d08dd60926c62f927291408aae291d_ppc64le, openshift4/driver-toolkit-rhel9@sha256:1429a811ccf69ea7c900fc51f5ec4f3d27d08dd60926c62f927291408aae291d_ppc64le
Red Hatopenshift4/ose-ironic-agent-rhel9@sha256:e1df91dd54794619d000e01244f198fb8232638fc2f6a5a91cc8649ade925d6b_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-ironic-agent-rhel9@sha256:e1df91dd54794619d000e01244f198fb8232638fc2f6a5a91cc8649ade925d6b_arm64, openshift4/ose-ironic-agent-rhel9@sha256:e1df91dd54794619d000e01244f198fb8232638fc2f6a5a91cc8649ade925d6b_arm64, openshift4/ose-ironic-agent-rhel9@sha256:e1df91dd54794619d000e01244f198fb8232638fc2f6a5a91cc8649ade925d6b_arm64
Red Hatopenshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:ef5261ada62933d3f0a882b66df758e50a91c872df08f466cc980325f86d15dc_s390x as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:ef5261ada62933d3f0a882b66df758e50a91c872df08f466cc980325f86d15dc_s390x, openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:ef5261ada62933d3f0a882b66df758e50a91c872df08f466cc980325f86d15dc_s390x, openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:ef5261ada62933d3f0a882b66df758e50a91c872df08f466cc980325f86d15dc_s390x
Red Hatopenshift4/driver-toolkit-rhel9@sha256:bbb170e48cc0b86b39bbca81d6a1a44c42b7e28d1475550f5e316d514b99038a_s390x as a component of Red Hat OpenShift Container Platform 4.13*, *, openshift4/driver-toolkit-rhel9@sha256:bbb170e48cc0b86b39bbca81d6a1a44c42b7e28d1475550f5e316d514b99038a_s390x
Red Hatopenshift4/ose-ovn-kubernetes@sha256:4b84a9489275cd767349ff95cc0b8b5ade73bef626dea8b941b0cea8bbb5ac96_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-ovn-kubernetes@sha256:4b84a9489275cd767349ff95cc0b8b5ade73bef626dea8b941b0cea8bbb5ac96_amd64, openshift4/ose-ovn-kubernetes@sha256:4b84a9489275cd767349ff95cc0b8b5ade73bef626dea8b941b0cea8bbb5ac96_amd64, *
Red Hatopenshift4/ose-cluster-ingress-operator@sha256:fa7fe8574dc03b35a7598b361a2de67c8aeabbd4ed32ba82f08a6cbecf5585f5_ppc64le as a component of Red Hat OpenShift Container Platform 4.13*, openshift4/ose-cluster-ingress-operator@sha256:fa7fe8574dc03b35a7598b361a2de67c8aeabbd4ed32ba82f08a6cbecf5585f5_ppc64le, openshift4/ose-cluster-ingress-operator@sha256:fa7fe8574dc03b35a7598b361a2de67c8aeabbd4ed32ba82f08a6cbecf5585f5_ppc64le
Red Hatopenshift4/ose-hyperkube@sha256:5cad049b6d9cdd261d7449378cdbc57bc8cecc49fb036e7e745d886cbac94ad3_s390x as a component of Red Hat OpenShift Container Platform 4.13*, *, openshift4/ose-hyperkube@sha256:5cad049b6d9cdd261d7449378cdbc57bc8cecc49fb036e7e745d886cbac94ad3_s390x
Red Hatopenshift4/ose-ironic-machine-os-downloader-rhel9@sha256:228704df1acd33ab144b488d4bb0560f60dd4ea082d4e47bb685559f0b7da028_amd64 as a component of Red Hat OpenShift Container Platform 4.13*, *, *
Red Hatopenshift4/ose-ovn-kubernetes@sha256:c1bb97e1b22bb78dcd682f952859b8279824d862cc318361b43929cc5a8ca30e_arm64 as a component of Red Hat OpenShift Container Platform 4.13*, *, openshift4/ose-ovn-kubernetes@sha256:c1bb97e1b22bb78dcd682f952859b8279824d862cc318361b43929cc5a8ca30e_arm64
Red Hatopenshift4/ose-alibaba-disk-csi-driver-operator-container-rhel8@sha256:71115d4b27dab927bf42629fae92a98625270ce63be1308c515957ee5c992a1d_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-alibaba-disk-csi-driver-operator-container-rhel8@sha256:71115d4b27dab927bf42629fae92a98625270ce63be1308c515957ee5c992a1d_amd64, openshift4/ose-alibaba-disk-csi-driver-operator-container-rhel8@sha256:71115d4b27dab927bf42629fae92a98625270ce63be1308c515957ee5c992a1d_amd64, openshift4/ose-alibaba-disk-csi-driver-operator-container-rhel8@sha256:71115d4b27dab927bf42629fae92a98625270ce63be1308c515957ee5c992a1d_amd64
Red Hatopenshift4/ose-ovn-kubernetes@sha256:6693c41e1ca6772ea01a4d1d1917011deeab2bc95eeda2db95a7667164dce4c2_s390x as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-ovn-kubernetes@sha256:6693c41e1ca6772ea01a4d1d1917011deeab2bc95eeda2db95a7667164dce4c2_s390x, openshift4/ose-ovn-kubernetes@sha256:6693c41e1ca6772ea01a4d1d1917011deeab2bc95eeda2db95a7667164dce4c2_s390x, openshift4/ose-ovn-kubernetes@sha256:6693c41e1ca6772ea01a4d1d1917011deeab2bc95eeda2db95a7667164dce4c2_s390x
Red Hatopenshift4/ose-machine-config-operator@sha256:eba22f67551d60674a8c9550b9284f2a0540b2a69f5e3c12b7cb2d943684b2a3_amd64 as a component of Red Hat OpenShift Container Platform 4.13*, openshift4/ose-machine-config-operator@sha256:eba22f67551d60674a8c9550b9284f2a0540b2a69f5e3c12b7cb2d943684b2a3_amd64, *
Red Hatopenshift4/ose-cluster-ingress-operator@sha256:fa7fe8574dc03b35a7598b361a2de67c8aeabbd4ed32ba82f08a6cbecf5585f5_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-cluster-ingress-operator@sha256:fa7fe8574dc03b35a7598b361a2de67c8aeabbd4ed32ba82f08a6cbecf5585f5_ppc64le, *, *
Red Hatopenshift4/ose-cluster-config-operator@sha256:eca8ff8183d8a51881d0341feea30db34e76b9c22099b8fe6b1942678c3d5f25_s390x as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-cluster-config-operator@sha256:eca8ff8183d8a51881d0341feea30db34e76b9c22099b8fe6b1942678c3d5f25_s390x, openshift4/ose-cluster-config-operator@sha256:eca8ff8183d8a51881d0341feea30db34e76b9c22099b8fe6b1942678c3d5f25_s390x, openshift4/ose-cluster-config-operator@sha256:eca8ff8183d8a51881d0341feea30db34e76b9c22099b8fe6b1942678c3d5f25_s390x
Red Hatopenshift4/ose-cluster-ingress-operator@sha256:70a9fb28fa594cac7529ad506e066168d9560a5bcd06e7e8af76b368063380b2_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-cluster-ingress-operator@sha256:70a9fb28fa594cac7529ad506e066168d9560a5bcd06e7e8af76b368063380b2_arm64, openshift4/ose-cluster-ingress-operator@sha256:70a9fb28fa594cac7529ad506e066168d9560a5bcd06e7e8af76b368063380b2_arm64, openshift4/ose-cluster-ingress-operator@sha256:70a9fb28fa594cac7529ad506e066168d9560a5bcd06e7e8af76b368063380b2_arm64
Red Hatopenshift4/ose-ironic-machine-os-downloader-rhel9@sha256:e3d1335f73cdf23e92c8f29e6f52a4f2339c33cd17b904d9e180abb63730cf59_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:e3d1335f73cdf23e92c8f29e6f52a4f2339c33cd17b904d9e180abb63730cf59_arm64, openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:e3d1335f73cdf23e92c8f29e6f52a4f2339c33cd17b904d9e180abb63730cf59_arm64, openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:e3d1335f73cdf23e92c8f29e6f52a4f2339c33cd17b904d9e180abb63730cf59_arm64
Red Hatopenshift4/ose-cluster-config-operator@sha256:8e75e1137ca5e1cee5d8204917159e6a11f2cf22eb9f138f7665fa9ca1732471_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-cluster-config-operator@sha256:8e75e1137ca5e1cee5d8204917159e6a11f2cf22eb9f138f7665fa9ca1732471_arm64, openshift4/ose-cluster-config-operator@sha256:8e75e1137ca5e1cee5d8204917159e6a11f2cf22eb9f138f7665fa9ca1732471_arm64, openshift4/ose-cluster-config-operator@sha256:8e75e1137ca5e1cee5d8204917159e6a11f2cf22eb9f138f7665fa9ca1732471_arm64
Red Hatopenshift4/ose-machine-os-images-rhel8@sha256:16fde40b0b1c46a03f11483a913e2c6207406ad37d95dfe0f5854020f4871827_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-machine-os-images-rhel8@sha256:16fde40b0b1c46a03f11483a913e2c6207406ad37d95dfe0f5854020f4871827_ppc64le, openshift4/ose-machine-os-images-rhel8@sha256:16fde40b0b1c46a03f11483a913e2c6207406ad37d95dfe0f5854020f4871827_ppc64le, openshift4/ose-machine-os-images-rhel8@sha256:16fde40b0b1c46a03f11483a913e2c6207406ad37d95dfe0f5854020f4871827_ppc64le
Red Hatopenshift4/ose-baremetal-rhel8-operator@sha256:c6ba0ef96f6d46f840abd7dfa07bfe482a512ee445ff834b0025c817b7135b39_arm64 as a component of Red Hat OpenShift Container Platform 4.13*, openshift4/ose-baremetal-rhel8-operator@sha256:c6ba0ef96f6d46f840abd7dfa07bfe482a512ee445ff834b0025c817b7135b39_arm64, *
Red Hatopenshift4/ose-ironic-rhel9@sha256:6d7f2714695ffdeec935ef56e560511dc02e979899758ccff10c275ddae56036_amd64 as a component of Red Hat OpenShift Container Platform 4.13*, openshift4/ose-ironic-rhel9@sha256:6d7f2714695ffdeec935ef56e560511dc02e979899758ccff10c275ddae56036_amd64, openshift4/ose-ironic-rhel9@sha256:6d7f2714695ffdeec935ef56e560511dc02e979899758ccff10c275ddae56036_amd64

…and 163 more

Exploit Intelligence

Timeline

  • Aug 16, 2023 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 20, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›