VDB

RHSA-2024%3A0281

RHSA-2024%3A0281 PUBLISHED CVSS 5.300000190734863 MEDIUM

A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body (up to 1GiB), causing the receiver to fail reading the response, possibly leading to a Denial of Service (DoS).

Risk Scores

CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products

VendorProductVersions
Red Hatopenshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:959d5567fa57212bb1d707c6cd0b67d47af4431d7b567f81bcb7e19892fdde30_amd64 as a component of OSSO 1.2 for RHEL 9openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:959d5567fa57212bb1d707c6cd0b67d47af4431d7b567f81bcb7e19892fdde30_amd64, openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:959d5567fa57212bb1d707c6cd0b67d47af4431d7b567f81bcb7e19892fdde30_amd64, openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:959d5567fa57212bb1d707c6cd0b67d47af4431d7b567f81bcb7e19892fdde30_amd64
Red Hatopenshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:959d5567fa57212bb1d707c6cd0b67d47af4431d7b567f81bcb7e19892fdde30_amd64 as a component of OSSO 1.2 for RHEL 9*, *, openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle@sha256:959d5567fa57212bb1d707c6cd0b67d47af4431d7b567f81bcb7e19892fdde30_amd64
Red Hatopenshift-secondary-scheduler-operator/secondary-scheduler-rhel9-operator@sha256:b085cface9e8b74c3a2588ac70ccb1ea75740065aa006d2993c7f7295154c9dc_amd64 as a component of OSSO 1.2 for RHEL 9openshift-secondary-scheduler-operator/secondary-scheduler-rhel9-operator@sha256:b085cface9e8b74c3a2588ac70ccb1ea75740065aa006d2993c7f7295154c9dc_amd64, openshift-secondary-scheduler-operator/secondary-scheduler-rhel9-operator@sha256:b085cface9e8b74c3a2588ac70ccb1ea75740065aa006d2993c7f7295154c9dc_amd64, openshift-secondary-scheduler-operator/secondary-scheduler-rhel9-operator@sha256:b085cface9e8b74c3a2588ac70ccb1ea75740065aa006d2993c7f7295154c9dc_amd64
Red Hatopenshift-secondary-scheduler-operator/secondary-scheduler-rhel9-operator@sha256:b085cface9e8b74c3a2588ac70ccb1ea75740065aa006d2993c7f7295154c9dc_amd64 as a component of OSSO 1.2 for RHEL 9openshift-secondary-scheduler-operator/secondary-scheduler-rhel9-operator@sha256:b085cface9e8b74c3a2588ac70ccb1ea75740065aa006d2993c7f7295154c9dc_amd64, *, *

Timeline

  • Mar 6, 2024 CVE Published
  • Apr 24, 2026 Distribution Patch
  • Apr 24, 2026 Distribution Patch
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • May 19, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›