VDB

RHSA-2024%3A2068

RHSA-2024%3A2068 PUBLISHED CVSS 7.5 HIGH

A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-prometheus-node-exporter@sha256:984d611edb0110b3d4c6da8a0f16b868cc0a30515a82e88f2d4e1140d222a35b_arm64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-prometheus-node-exporter@sha256:984d611edb0110b3d4c6da8a0f16b868cc0a30515a82e88f2d4e1140d222a35b_arm64
Red Hatopenshift4/ose-kube-rbac-proxy@sha256:c86556f7f05aaea53ef6c50ded6917f6949f7f46b8bd92783df86a5a935a0191_amd64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-kube-rbac-proxy@sha256:c86556f7f05aaea53ef6c50ded6917f6949f7f46b8bd92783df86a5a935a0191_amd64
Red Hatopenshift4/ose-prometheus@sha256:d33fb598d736788a7a0044f71da60b702d6a0183ab969923a1af081be810abc7_amd64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-prometheus@sha256:d33fb598d736788a7a0044f71da60b702d6a0183ab969923a1af081be810abc7_amd64
Red Hatopenshift4/ose-sdn-rhel9@sha256:1410ad6329ed34519083f0f996c36b790b23307b1e8585f6c0c0e0a96aa34fdd_amd64 as a component of Red Hat OpenShift Container Platform 4.15*
Red Hatopenshift4/ose-hyperkube-rhel9@sha256:f5a3c8171471fcc30f7ec1405c528b66ae1cc79b196212f4c6981755c42ac595_amd64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-hyperkube-rhel9@sha256:f5a3c8171471fcc30f7ec1405c528b66ae1cc79b196212f4c6981755c42ac595_amd64
Red Hatopenshift4/ose-aws-cloud-controller-manager-rhel9@sha256:4aad90af6890f5c03a5bddba1f99abad8e80b584cf64cc1d81192e8e4cbbdbbb_amd64 as a component of Red Hat OpenShift Container Platform 4.15*
Red Hatopenshift4/ose-multus-route-override-cni-rhel8@sha256:8588029904856e8381308b73e721000d79000ee16d84438eb8e5ce44becd89f8_amd64 as a component of Red Hat OpenShift Container Platform 4.15*
Red Hatopenshift4/ose-machine-config-operator@sha256:413667ba399afc0e4f29823d2fd11b239e51748da555f8de7f1c52f437068d2e_amd64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-machine-config-operator@sha256:413667ba399afc0e4f29823d2fd11b239e51748da555f8de7f1c52f437068d2e_amd64
Red Hatopenshift4/ose-operator-lifecycle-manager-rhel9@sha256:fdac21f6fe1c9e627a5025d9a92be272c60e8c7f3ca05638fa5bcffac669f7dd_amd64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-operator-lifecycle-manager-rhel9@sha256:fdac21f6fe1c9e627a5025d9a92be272c60e8c7f3ca05638fa5bcffac669f7dd_amd64
Red Hatopenshift4/ose-csi-node-driver-registrar-rhel8@sha256:8678c3fc61158f1107023b3981e4d498354d83babc0ed45b9552ee534d79982e_arm64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-csi-node-driver-registrar-rhel8@sha256:8678c3fc61158f1107023b3981e4d498354d83babc0ed45b9552ee534d79982e_arm64
Red Hatopenshift4/ose-cli-artifacts@sha256:07d75ebdcad090956c52f5f2a9e0d2afeb346aeceed7b284f4421b207f2b1834_amd64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-cli-artifacts@sha256:07d75ebdcad090956c52f5f2a9e0d2afeb346aeceed7b284f4421b207f2b1834_amd64
Red Hatopenshift4/ose-agent-installer-utils-rhel9@sha256:cbb910e189d0c50585af80d83afc2e64baf9927fd124f5627f76dca293b1e130_amd64 as a component of Red Hat OpenShift Container Platform 4.15*
Red Hatopenshift4/ose-console@sha256:7ca44056083d98a3594c4f31607eb99cb36837deb48c4c8367d2654f87caf752_ppc64le as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-console@sha256:7ca44056083d98a3594c4f31607eb99cb36837deb48c4c8367d2654f87caf752_ppc64le
Red Hatopenshift4/ose-agent-installer-csr-approver-rhel8@sha256:e9714125309cbb5fe1531fb5e704ade3bc56bac58c337773c9c26af269125759_s390x as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-agent-installer-csr-approver-rhel8@sha256:e9714125309cbb5fe1531fb5e704ade3bc56bac58c337773c9c26af269125759_s390x
Red Hatopenshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:e2975f402e669716d879dcc2d2557507cd2f7fca9ad4717f7e8683a8ccf8aee4_ppc64le as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:e2975f402e669716d879dcc2d2557507cd2f7fca9ad4717f7e8683a8ccf8aee4_ppc64le
Red Hatopenshift4/ose-installer-artifacts@sha256:541e827588bb412e93b2010914bc3a23c3c7784feda2f7f38ffc460ba970f214_s390x as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-installer-artifacts@sha256:541e827588bb412e93b2010914bc3a23c3c7784feda2f7f38ffc460ba970f214_s390x
Red Hatopenshift4/ose-openstack-cloud-controller-manager-rhel9@sha256:b8dbe726210f8c5c557c71407797fb8841c349d9cca3de725c3c0e5b802b3d61_s390x as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-openstack-cloud-controller-manager-rhel9@sha256:b8dbe726210f8c5c557c71407797fb8841c349d9cca3de725c3c0e5b802b3d61_s390x
Red Hatopenshift4/ose-prometheus-node-exporter@sha256:ea8f50015e782bc646bf3962a1989b2dccc34a0a829b6a3ce65e30d5f3441951_amd64 as a component of Red Hat OpenShift Container Platform 4.15*
Red Hatopenshift4/ose-openstack-cinder-csi-driver-rhel9@sha256:2569b83a9a92dfc2b1942f03a0ccbbb385fb76df29f9645af43292192887ee20_amd64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-openstack-cinder-csi-driver-rhel9@sha256:2569b83a9a92dfc2b1942f03a0ccbbb385fb76df29f9645af43292192887ee20_amd64
Red Hatopenshift4/ose-operator-lifecycle-manager-rhel9@sha256:e69e82136c4a24f229cbd7974a7ea14b35ed9b841e7f32a1816bfefa1b35ceea_arm64 as a component of Red Hat OpenShift Container Platform 4.15openshift4/ose-operator-lifecycle-manager-rhel9@sha256:e69e82136c4a24f229cbd7974a7ea14b35ed9b841e7f32a1816bfefa1b35ceea_arm64

…and 329 more

Timeline

  • May 2, 2024 CVE Published
  • Apr 25, 2026 CVE Updated
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›