VDB

RHSA-2024%3A1683

RHSA-2024%3A1683 PUBLISHED CVSS 7.5 HIGH

A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-pod@sha256:6bf019e4dded5424e2ce1d1557bd054c7c388fb035da860ad5db9fea009febeb_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-pod@sha256:6bf019e4dded5424e2ce1d1557bd054c7c388fb035da860ad5db9fea009febeb_ppc64le
Red Hatopenshift4/ose-hyperkube@sha256:bb8f73001be1e2b4fa2871345c3bc787712786af3c557f8e26bbde9e507bda20_s390x as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-pod@sha256:6c83f5cd64d6d44fc5fb4a5388dbd60f622db8b6e065ae9ed42187bbbe2a6f7f_s390x as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-pod@sha256:6c83f5cd64d6d44fc5fb4a5388dbd60f622db8b6e065ae9ed42187bbbe2a6f7f_s390x
Red Hatopenshift4/ose-hyperkube@sha256:6c81db26fe80749b56018113d64967fd6bafd9fc9ad9ff74bfedba6ef6da8e51_amd64 as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-hyperkube@sha256:08a3f2cc02820748cb6627d7ee17377a5195cf76b86c3cd3f460d4400f8e50a5_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-hyperkube@sha256:08a3f2cc02820748cb6627d7ee17377a5195cf76b86c3cd3f460d4400f8e50a5_arm64
Red Hatopenshift4/ose-hyperkube@sha256:6dc7adba59e29a3651bb18e75ba58d61c5640e524141cc87ce8e1d8d653d8292_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-hyperkube@sha256:6dc7adba59e29a3651bb18e75ba58d61c5640e524141cc87ce8e1d8d653d8292_ppc64le
Red Hatopenshift4/ose-pod@sha256:f572afd4089fa383f22fb404248b7344fafd17cb027fc865e47b434ea8e5a73c_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-pod@sha256:f572afd4089fa383f22fb404248b7344fafd17cb027fc865e47b434ea8e5a73c_arm64
Red Hatopenshift4/ose-pod@sha256:49ff654b15cf7c0965afb2b240b1adf999e46f102c00670a90bbbfe1bd4e71e6_amd64 as a component of Red Hat OpenShift Container Platform 4.13*

Timeline

  • Apr 8, 2024 CVE Published
  • Apr 25, 2026 CVE Updated
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›