VDB

RHSA-2024%3A0740

RHSA-2024%3A0740 PUBLISHED CVSS 7.5 HIGH

A denial of service (DoS) vulnerability was found in the go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ingress-node-firewall-rhel8-operator@sha256:d9bb4b9581362876de0353297d78e21ce0d66954b62fb3945e1c9d4a0825b8f3_arm64 as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-helm-operator@sha256:d60fe156c3e6bf00831761bb4adf1d977972a5de2aac6065c288fc6f8b29aadb_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-helm-operator@sha256:d60fe156c3e6bf00831761bb4adf1d977972a5de2aac6065c288fc6f8b29aadb_ppc64le
Red Hatopenshift4/ose-clusterresourceoverride-rhel8@sha256:f3473e692519e1bb8be303b149db43053658debf51ece65e1aebd2e67e7d1648_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-clusterresourceoverride-rhel8@sha256:f3473e692519e1bb8be303b149db43053658debf51ece65e1aebd2e67e7d1648_arm64
Red Hatopenshift4/ose-local-storage-operator@sha256:abd477f4707e0e929f407d3ade840b47700f60ed38791640ad3b501677112e61_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-local-storage-operator@sha256:abd477f4707e0e929f407d3ade840b47700f60ed38791640ad3b501677112e61_ppc64le
Red Hatopenshift4/ose-aws-efs-csi-driver-container-rhel8@sha256:f3fb4cbb46725421f9f68d4576ba4532dc3ba92ba3c733af11020ea049511788_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-aws-efs-csi-driver-container-rhel8@sha256:f3fb4cbb46725421f9f68d4576ba4532dc3ba92ba3c733af11020ea049511788_arm64
Red Hatopenshift4/ose-gcp-filestore-csi-driver-rhel8@sha256:a4975d092b6e8673073674f309709ec6e16c3625458fcec633b365834f1ec616_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-gcp-filestore-csi-driver-rhel8@sha256:a4975d092b6e8673073674f309709ec6e16c3625458fcec633b365834f1ec616_ppc64le
Red Hatopenshift4/ose-local-storage-operator@sha256:5f42d462dcbc0f6aca229c1856e6224d37d09dd4b895df55b7ca04486323a3ba_s390x as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-operator-sdk-rhel8@sha256:db21ead6e70d66d94a7f1592c0e0e7e517f02e040fc37d6776863ef1b23baab4_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-operator-sdk-rhel8@sha256:db21ead6e70d66d94a7f1592c0e0e7e517f02e040fc37d6776863ef1b23baab4_ppc64le
Red Hatopenshift4/ose-openshift-proxy-pull-test-rhel8@sha256:ec832a375bef6823c9d55cc38f9a0b66b245d8d0258f6bb8b707bab4df21c52d_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:ec832a375bef6823c9d55cc38f9a0b66b245d8d0258f6bb8b707bab4df21c52d_arm64
Red Hatopenshift4/ose-local-storage-mustgather-rhel8@sha256:15f0061d301251df9e344277455bb8d29826f79406f442791ef14b75ead9c20e_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-local-storage-mustgather-rhel8@sha256:15f0061d301251df9e344277455bb8d29826f79406f442791ef14b75ead9c20e_amd64
Red Hatopenshift4/ose-egress-router@sha256:715b01ad115e9e95993e9a2440c6be9455fcfcdf0c2f11a3e4162d33e7798e6e_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-egress-router@sha256:715b01ad115e9e95993e9a2440c6be9455fcfcdf0c2f11a3e4162d33e7798e6e_arm64
Red Hatopenshift4/ose-sriov-network-config-daemon@sha256:32604e2cf46b41e1451e82b7f69ed5e3d834c5e75e6ae770f27802f11d248f8d_ppc64le as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-ptp-operator@sha256:efdb4e62a7e8d2a95c1c497dccf0c3b22fd826334d902eb9ef476a72ed0e6690_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-ptp-operator@sha256:efdb4e62a7e8d2a95c1c497dccf0c3b22fd826334d902eb9ef476a72ed0e6690_ppc64le
Red Hatopenshift4/ose-cluster-kube-descheduler-operator@sha256:c0c6dabbe42dd0339183ae50754ce9381b76079da6d7104f154f351beacd31b1_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-cluster-kube-descheduler-operator@sha256:c0c6dabbe42dd0339183ae50754ce9381b76079da6d7104f154f351beacd31b1_ppc64le
Red Hatopenshift4/ingress-node-firewall@sha256:934c680653a5a0f538ad71435dd8609bb9fbbf2bdead0d88ac578d905a56a05d_arm64 as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-cloud-event-proxy@sha256:89a115120bed14561712319750a203bde32711536b9afcd74bb43eccdec28522_amd64 as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-sriov-network-operator@sha256:0421aa4c9c5655d0ec769d80abce6c286187abe9db9ce3f6cf67c2810d40a684_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-sriov-network-operator@sha256:0421aa4c9c5655d0ec769d80abce6c286187abe9db9ce3f6cf67c2810d40a684_amd64
Red Hatopenshift4/ose-egress-dns-proxy@sha256:748953836ef59d8aae304c9ae3fb07ce66c7b7b698916616c96a6a029edd90e4_ppc64le as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-gcp-filestore-csi-driver-rhel8@sha256:8e9a4a02446725cce6c8990e5a5e8c560e0066de5815b8ceba544ebd81847f25_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-gcp-filestore-csi-driver-rhel8@sha256:8e9a4a02446725cce6c8990e5a5e8c560e0066de5815b8ceba544ebd81847f25_amd64
Red Hatopenshift4/ose-vertical-pod-autoscaler-rhel8@sha256:454036038f6bd5c16870a51086697179a7631557be5286619a57a12841cebcec_s390x as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:454036038f6bd5c16870a51086697179a7631557be5286619a57a12841cebcec_s390x

…and 128 more

Timeline

  • Feb 14, 2024 CVE Published
  • Apr 24, 2026 CVE Updated
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›