VDB
RHSA-2024%3A1859
RHSA-2024%3A1859
PUBLISHED
CVSS 5.300000190734863 MEDIUM
A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body (up to 1GiB), causing the receiver to fail reading the response, possibly leading to a Denial of Service (DoS).
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64 as a component of 9Base-OADP-1.3 | oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64, *, oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64 |
| Red Hat | oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le as a component of 9Base-OADP-1.3 | oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le, oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le, oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le |
| Red Hat | oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64 as a component of 9Base-OADP-1.3 | *, *, oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64 |
| Red Hat | oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le as a component of 9Base-OADP-1.3 | oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le, *, oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le |
| Red Hat | oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le as a component of 9Base-OADP-1.3 | oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le, *, oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le |
| Red Hat | oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64 as a component of 9Base-OADP-1.3 | *, *, oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64 |
| Red Hat | oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le as a component of 9Base-OADP-1.3 | *, *, * |
| Red Hat | oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64 as a component of 9Base-OADP-1.3 | oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64, oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64, * |
| Red Hat | oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64 as a component of 9Base-OADP-1.3 | oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64, *, * |
| Red Hat | oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x as a component of 9Base-OADP-1.3 | oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x, *, oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x |
| Red Hat | oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x as a component of 9Base-OADP-1.3 | oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x, oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x, oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x |
| Red Hat | oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le as a component of 9Base-OADP-1.3 | oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le, *, oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le |
| Red Hat | oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le as a component of 9Base-OADP-1.3 | oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le, oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le, oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le |
| Red Hat | oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64 as a component of 9Base-OADP-1.3 | oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64, oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64, oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64 |
| Red Hat | oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x as a component of 9Base-OADP-1.3 | *, oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x, * |
| Red Hat | oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le as a component of 9Base-OADP-1.3 | *, oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le, oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le |
| Red Hat | oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le as a component of 9Base-OADP-1.3 | *, oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le, oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le |
| Red Hat | oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x as a component of 9Base-OADP-1.3 | oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x, *, * |
| Red Hat | oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le as a component of 9Base-OADP-1.3 | oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le, oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le, oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le |
| Red Hat | oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64 as a component of 9Base-OADP-1.3 | oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64, *, * |
…and 68 more
Timeline
- Apr 16, 2024 CVE Published
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- May 16, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2024:1859 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2245180 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2253193 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2253330 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2254210 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2268046 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2268854 issue
- https://issues.redhat.com/browse/OADP-1912 advisory
- https://issues.redhat.com/browse/OADP-2866 advisory
- https://issues.redhat.com/browse/OADP-3005 advisory
- https://issues.redhat.com/browse/OADP-3038 advisory
- https://issues.redhat.com/browse/OADP-3041 advisory
- https://issues.redhat.com/browse/OADP-3044 advisory
- https://issues.redhat.com/browse/OADP-3051 advisory
- https://issues.redhat.com/browse/OADP-3055 advisory
- https://issues.redhat.com/browse/OADP-3189 advisory
- https://issues.redhat.com/browse/OADP-3326 advisory
- https://issues.redhat.com/browse/OADP-3379 advisory
- https://issues.redhat.com/browse/OADP-3390 advisory
…and 34 more