VDB

RHSA-2024%3A1679

RHSA-2024%3A1679 PUBLISHED CVSS 7.5 HIGH

A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-hyperkube@sha256:19d0c592914c0a3b4fdf4e387ca1e56484a60790aafae1a0513e0311be1c426b_amd64 as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatopenshift4/ose-pod@sha256:09f9b48e67033e079916d318ec6018a8afc4cf93220ded16f9eed75af5abd712_ppc64le as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-pod@sha256:09f9b48e67033e079916d318ec6018a8afc4cf93220ded16f9eed75af5abd712_ppc64le
Red Hatopenshift4/ose-hyperkube@sha256:3f6e584b37271f37182144533d7ce224fe20439452bf4f3bd07672e31def24da_s390x as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatopenshift4/ose-hyperkube@sha256:fc65b447c7d8427d6b07c6d1c89918ec1d89825238703502eda5e4b61f489c5b_ppc64le as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-hyperkube@sha256:fc65b447c7d8427d6b07c6d1c89918ec1d89825238703502eda5e4b61f489c5b_ppc64le
Red Hatopenshift4/ose-pod@sha256:60ed0d4727134777de93626c1de3b8eb011cad8746f9f7227eede8277a8ec1e0_arm64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-pod@sha256:60ed0d4727134777de93626c1de3b8eb011cad8746f9f7227eede8277a8ec1e0_arm64
Red Hatopenshift4/ose-pod@sha256:e6bde3f71d872d8ca548d82ba9ad5fda412f81a56e64bab9e56860fabbe30207_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-pod@sha256:e6bde3f71d872d8ca548d82ba9ad5fda412f81a56e64bab9e56860fabbe30207_amd64
Red Hatopenshift4/ose-hyperkube@sha256:346c91e88d93f8a9599b7ffde861d5a6b1fc16f1cdf2cc68074fe04b60ac0efa_arm64 as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatopenshift4/ose-pod@sha256:897f6305233eb17cdede37eeaed9f4d03d556ebaae1e06a952cea604dd5ed405_s390x as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-pod@sha256:897f6305233eb17cdede37eeaed9f4d03d556ebaae1e06a952cea604dd5ed405_s390x

Timeline

  • Apr 8, 2024 CVE Published
  • Apr 25, 2026 CVE Updated
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›