VDB

RHSA-2024%3A1328

RHSA-2024%3A1328 PUBLISHED CVSS 7.5 HIGH

A memory leak was found in the otelhttp handler of open-telemetry. This flaw allows a remote, unauthenticated attacker to exhaust the server's memory by sending many malicious requests, affecting the availability.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatrhacm2/governance-policy-propagator-rhel8@sha256:8d54ced92c84730df3e20cabc8d97ea9e6cfd6c2c1b30cea78ae3171d75af4ab_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8rhacm2/governance-policy-propagator-rhel8@sha256:8d54ced92c84730df3e20cabc8d97ea9e6cfd6c2c1b30cea78ae3171d75af4ab_arm64, *
Red Hatrhacm2/observatorium-rhel8@sha256:376964affe86b1476ae8ef019f6fa0f46047f0eeb8fa4cac3001c47396c6ceb5_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8*, rhacm2/observatorium-rhel8@sha256:376964affe86b1476ae8ef019f6fa0f46047f0eeb8fa4cac3001c47396c6ceb5_arm64, *
Red Hatrhacm2/endpoint-monitoring-rhel8-operator@sha256:b15280e85e0f50e3c06968389099e73c1747f29767f4587ac3563a9784fd840d_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8rhacm2/endpoint-monitoring-rhel8-operator@sha256:b15280e85e0f50e3c06968389099e73c1747f29767f4587ac3563a9784fd840d_arm64, rhacm2/endpoint-monitoring-rhel8-operator@sha256:b15280e85e0f50e3c06968389099e73c1747f29767f4587ac3563a9784fd840d_arm64
Red Hatrhacm2/multicluster-operators-subscription-rhel8@sha256:181616a21de62965424cbb6e9c471b069e03a239c4d600485475a587a93993f2_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8rhacm2/multicluster-operators-subscription-rhel8@sha256:181616a21de62965424cbb6e9c471b069e03a239c4d600485475a587a93993f2_arm64, *
Red Hatrhacm2/insights-metrics-rhel8@sha256:64c55d751f4733fa1e1f6cb50f26bcf3cb21df8f5fa3dd319c3fef0019b34320_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8rhacm2/insights-metrics-rhel8@sha256:64c55d751f4733fa1e1f6cb50f26bcf3cb21df8f5fa3dd319c3fef0019b34320_amd64, rhacm2/insights-metrics-rhel8@sha256:64c55d751f4733fa1e1f6cb50f26bcf3cb21df8f5fa3dd319c3fef0019b34320_amd64
Red Hatrhacm2/multicluster-operators-application-rhel8@sha256:df7e602538ba315f88f3537dd515d97a4c7e15ba78f5db582088a9dac00bccca_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8rhacm2/multicluster-operators-application-rhel8@sha256:df7e602538ba315f88f3537dd515d97a4c7e15ba78f5db582088a9dac00bccca_arm64, *
Red Hatrhacm2/memcached-exporter-rhel8@sha256:8ac59e0c8c129bbd7cbd22cca9d176564493cdf87f96131ea9c52b173acf368f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8*, rhacm2/memcached-exporter-rhel8@sha256:8ac59e0c8c129bbd7cbd22cca9d176564493cdf87f96131ea9c52b173acf368f_s390x, rhacm2/memcached-exporter-rhel8@sha256:8ac59e0c8c129bbd7cbd22cca9d176564493cdf87f96131ea9c52b173acf368f_s390x
Red Hatrhacm2/config-policy-controller-rhel8@sha256:f086cec9f612bcba2fbb197bce2e93606e272d65ef45c2516b80b359b36b9c49_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8rhacm2/config-policy-controller-rhel8@sha256:f086cec9f612bcba2fbb197bce2e93606e272d65ef45c2516b80b359b36b9c49_arm64, rhacm2/config-policy-controller-rhel8@sha256:f086cec9f612bcba2fbb197bce2e93606e272d65ef45c2516b80b359b36b9c49_arm64
Red Hatrhacm2/insights-metrics-rhel8@sha256:6355ad57681af49c51b648402143cf225853e45a6c9aae1963c7e6dd20938b9d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8rhacm2/insights-metrics-rhel8@sha256:6355ad57681af49c51b648402143cf225853e45a6c9aae1963c7e6dd20938b9d_s390x, rhacm2/insights-metrics-rhel8@sha256:6355ad57681af49c51b648402143cf225853e45a6c9aae1963c7e6dd20938b9d_s390x
Red Hatrhacm2/kube-rbac-proxy-rhel8@sha256:7a59d2123f328e9e0a992e47f4bc36254b982106d3c985a318264d219cc65ea4_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8rhacm2/kube-rbac-proxy-rhel8@sha256:7a59d2123f328e9e0a992e47f4bc36254b982106d3c985a318264d219cc65ea4_ppc64le, rhacm2/kube-rbac-proxy-rhel8@sha256:7a59d2123f328e9e0a992e47f4bc36254b982106d3c985a318264d219cc65ea4_ppc64le
Red Hatrhacm2/multicluster-operators-application-rhel8@sha256:4e84d0ea4941aa2c767a1a94abffe9325833c51b29af7223fe7d120873b7e729_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8*, rhacm2/multicluster-operators-application-rhel8@sha256:4e84d0ea4941aa2c767a1a94abffe9325833c51b29af7223fe7d120873b7e729_amd64, rhacm2/multicluster-operators-application-rhel8@sha256:4e84d0ea4941aa2c767a1a94abffe9325833c51b29af7223fe7d120873b7e729_amd64
Red Hatrhacm2/rbac-query-proxy-rhel8@sha256:d89de1a0f2e6c9aa8ff3e209052ad15f596129cce26efa9b7ed6bd07a021183a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8rhacm2/rbac-query-proxy-rhel8@sha256:d89de1a0f2e6c9aa8ff3e209052ad15f596129cce26efa9b7ed6bd07a021183a_ppc64le, rhacm2/rbac-query-proxy-rhel8@sha256:d89de1a0f2e6c9aa8ff3e209052ad15f596129cce26efa9b7ed6bd07a021183a_ppc64le
Red Hatrhacm2/acm-operator-bundle@sha256:e17a7512820df73b38b5d61c72dfc9478280d18214cf320900f93591b2c25097_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8*, rhacm2/acm-operator-bundle@sha256:e17a7512820df73b38b5d61c72dfc9478280d18214cf320900f93591b2c25097_ppc64le
Red Hatrhacm2/rbac-query-proxy-rhel8@sha256:48f7df44d0f7f11da16cf1d9b5029ced6f9ebf7bdc6a34d82169a551d997f5ad_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8rhacm2/rbac-query-proxy-rhel8@sha256:48f7df44d0f7f11da16cf1d9b5029ced6f9ebf7bdc6a34d82169a551d997f5ad_s390x, *, rhacm2/rbac-query-proxy-rhel8@sha256:48f7df44d0f7f11da16cf1d9b5029ced6f9ebf7bdc6a34d82169a551d997f5ad_s390x
Red Hatrhacm2/submariner-addon-rhel8@sha256:0238844dfb761b59563747e3433554e62892858ca9d12776ba8fb233d488bbfd_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8*, rhacm2/submariner-addon-rhel8@sha256:0238844dfb761b59563747e3433554e62892858ca9d12776ba8fb233d488bbfd_arm64
Red Hatrhacm2/acm-grafana-rhel8@sha256:fb1474e864350415f55a05ea7678b6a52376fb97ff7a8d196b715a79393f3a42_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8rhacm2/acm-grafana-rhel8@sha256:fb1474e864350415f55a05ea7678b6a52376fb97ff7a8d196b715a79393f3a42_s390x, rhacm2/acm-grafana-rhel8@sha256:fb1474e864350415f55a05ea7678b6a52376fb97ff7a8d196b715a79393f3a42_s390x, *
Red Hatrhacm2/cert-policy-controller-rhel8@sha256:bc0b245e70ba65ec9db65259ffbb3123c385d47e23e32144e5860f29e109c8d1_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8rhacm2/cert-policy-controller-rhel8@sha256:bc0b245e70ba65ec9db65259ffbb3123c385d47e23e32144e5860f29e109c8d1_arm64, rhacm2/cert-policy-controller-rhel8@sha256:bc0b245e70ba65ec9db65259ffbb3123c385d47e23e32144e5860f29e109c8d1_arm64, *
Red Hatrhacm2/acm-search-v2-api-rhel8@sha256:22c0d4911e5b37a047d50f4497dcd29f6e60851d0d7bf560d67ee30d31e66913_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8*, *, *
Red Hatrhacm2/console-rhel8@sha256:6f91acaf226dd88bc71337092d082984a497e93c350813745831681394aebb0e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8rhacm2/console-rhel8@sha256:6f91acaf226dd88bc71337092d082984a497e93c350813745831681394aebb0e_ppc64le, rhacm2/console-rhel8@sha256:6f91acaf226dd88bc71337092d082984a497e93c350813745831681394aebb0e_ppc64le
Red Hatrhacm2/endpoint-monitoring-rhel8-operator@sha256:b15280e85e0f50e3c06968389099e73c1747f29767f4587ac3563a9784fd840d_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8rhacm2/endpoint-monitoring-rhel8-operator@sha256:b15280e85e0f50e3c06968389099e73c1747f29767f4587ac3563a9784fd840d_arm64, rhacm2/endpoint-monitoring-rhel8-operator@sha256:b15280e85e0f50e3c06968389099e73c1747f29767f4587ac3563a9784fd840d_arm64, *

…and 330 more

Timeline

  • Mar 14, 2024 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›