VDB

RHSA-2024%3A3523

RHSA-2024%3A3523 PUBLISHED CVSS 7.5 HIGH

A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-multus-admission-controller@sha256:61de39f5d63790190177c6a682d0724131a06a397a874489826da04fb3cc51d5_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-multus-admission-controller@sha256:61de39f5d63790190177c6a682d0724131a06a397a874489826da04fb3cc51d5_amd64, *
Red Hatopenshift4/ose-ibmcloud-cluster-api-controllers-rhel8@sha256:aecc1bf1e9d2eaaeb59fb208b71a3e1e040067bae7e4895f64a9ff1c491da016_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-ibmcloud-cluster-api-controllers-rhel8@sha256:aecc1bf1e9d2eaaeb59fb208b71a3e1e040067bae7e4895f64a9ff1c491da016_ppc64le, *
Red Hatopenshift4/ose-docker-registry@sha256:39cc1f8ede8ed8293f67b63be43ebe62c84f337946532ab6135fdcafbab2c35a_arm64 as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-docker-registry@sha256:39cc1f8ede8ed8293f67b63be43ebe62c84f337946532ab6135fdcafbab2c35a_arm64
Red Hatopenshift4/ose-baremetal-installer-rhel8@sha256:e41478089ea6a318117c580db7e40cdc549f78362912e6a83ebc7cd812f511c6_s390x as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-baremetal-installer-rhel8@sha256:e41478089ea6a318117c580db7e40cdc549f78362912e6a83ebc7cd812f511c6_s390x
Red Hatopenshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7914192f017e8f48822792bfdfd9078796c33aa71dd87598125d936bb776445f_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7914192f017e8f48822792bfdfd9078796c33aa71dd87598125d936bb776445f_s390x, openshift4/ose-cluster-node-tuning-rhel9-operator@sha256:7914192f017e8f48822792bfdfd9078796c33aa71dd87598125d936bb776445f_s390x
Red Hatopenshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:a38118a0bf28a48f4e50b3c6a3f16f010086aade615baf5b4229ce5ccc06dbe1_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:a38118a0bf28a48f4e50b3c6a3f16f010086aade615baf5b4229ce5ccc06dbe1_amd64, *
Red Hatopenshift4/ose-pod@sha256:d460ec6b3e3ed9ba49524bb7c0f3762caaffb87a4540b42b178c6c7e9d2459f7_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-pod@sha256:d460ec6b3e3ed9ba49524bb7c0f3762caaffb87a4540b42b178c6c7e9d2459f7_ppc64le, *
Red Hatopenshift4/ose-container-networking-plugins-rhel8@sha256:9c9591f49a27c3429ca65bfb328d503dcb0fe9cfb69fbe1ad2741a2415c655c7_arm64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-container-networking-plugins-rhel8@sha256:9c9591f49a27c3429ca65bfb328d503dcb0fe9cfb69fbe1ad2741a2415c655c7_arm64, openshift4/ose-container-networking-plugins-rhel8@sha256:9c9591f49a27c3429ca65bfb328d503dcb0fe9cfb69fbe1ad2741a2415c655c7_arm64
Red Hatopenshift4/ose-cluster-etcd-rhel8-operator@sha256:f204637b011710f7a74b66e941d9d8db590bd4cf1fefbac6c03cf6bb9a29af5a_s390x as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-cluster-etcd-rhel8-operator@sha256:f204637b011710f7a74b66e941d9d8db590bd4cf1fefbac6c03cf6bb9a29af5a_s390x
Red Hatopenshift4/ose-kube-storage-version-migrator-rhel8@sha256:70fb2952e84b91b76ba0778d68b2b7811ae3774cffde9210cf0ce36ccf4cd665_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-kube-storage-version-migrator-rhel8@sha256:70fb2952e84b91b76ba0778d68b2b7811ae3774cffde9210cf0ce36ccf4cd665_amd64, openshift4/ose-kube-storage-version-migrator-rhel8@sha256:70fb2952e84b91b76ba0778d68b2b7811ae3774cffde9210cf0ce36ccf4cd665_amd64
Red Hatopenshift4/ose-coredns@sha256:9cf366d9272854657d4a161be81e0f7a217ef0c172862e2ab89a62d6133dc699_ppc64le as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-coredns@sha256:9cf366d9272854657d4a161be81e0f7a217ef0c172862e2ab89a62d6133dc699_ppc64le
Red Hatopenshift4/ose-alibaba-cloud-controller-manager-rhel8@sha256:a17fd81ee4ef19933306fded47b4cbb3625b23c48ccc4928ff86004418c8f50e_amd64 as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-alibaba-cloud-controller-manager-rhel8@sha256:a17fd81ee4ef19933306fded47b4cbb3625b23c48ccc4928ff86004418c8f50e_amd64
Red Hatopenshift4/ose-cluster-autoscaler-operator@sha256:4ddb68ccb93cd00d98aa1a038032d0bc5722c92283a130d7c5e48ebd1fd02348_arm64 as a component of Red Hat OpenShift Container Platform 4.14*, *
Red Hatopenshift4/ose-service-ca-operator@sha256:2af3b18d2bd3180a0e385f493d2c270d67b054c8d6b289611d742da9577f28c6_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-service-ca-operator@sha256:2af3b18d2bd3180a0e385f493d2c270d67b054c8d6b289611d742da9577f28c6_s390x, openshift4/ose-service-ca-operator@sha256:2af3b18d2bd3180a0e385f493d2c270d67b054c8d6b289611d742da9577f28c6_s390x
Red Hatopenshift4/ose-cluster-api-rhel8@sha256:672a7f7f0edb83f1778d36f5038cc950377acb8cc466fcfeafaa6e34c2251c87_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-cluster-api-rhel8@sha256:672a7f7f0edb83f1778d36f5038cc950377acb8cc466fcfeafaa6e34c2251c87_ppc64le, *
Red Hatopenshift4/ose-multus-cni@sha256:447df2ba2d9e0882f16d53d6cc8808777cba0f70bcdbc02bfd4184dd1a389795_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-multus-cni@sha256:447df2ba2d9e0882f16d53d6cc8808777cba0f70bcdbc02bfd4184dd1a389795_s390x, openshift4/ose-multus-cni@sha256:447df2ba2d9e0882f16d53d6cc8808777cba0f70bcdbc02bfd4184dd1a389795_s390x
Red Hatopenshift4/ose-configmap-reloader@sha256:2ab77d2ab500ec3eea36eb44dd1cd0ddb1c853e8e92e28e1ec9c1ad0704bf487_ppc64le as a component of Red Hat OpenShift Container Platform 4.14*, *
Red Hatopenshift4/ovirt-csi-driver-rhel7@sha256:0fbfe9814d155d48e27dcffc8ea4a55dfcb6501fab4c3c7c722bbc4d5f5d7269_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/ovirt-csi-driver-rhel7@sha256:0fbfe9814d155d48e27dcffc8ea4a55dfcb6501fab4c3c7c722bbc4d5f5d7269_s390x, openshift4/ovirt-csi-driver-rhel7@sha256:0fbfe9814d155d48e27dcffc8ea4a55dfcb6501fab4c3c7c722bbc4d5f5d7269_s390x
Red Hatopenshift4/ose-cli-artifacts@sha256:6473a62a2cf05ccc0425057509a959db6b51ba556d4a8725329460d750a54581_amd64 as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-cli-artifacts@sha256:6473a62a2cf05ccc0425057509a959db6b51ba556d4a8725329460d750a54581_amd64
Red Hatopenshift4/ose-cli-artifacts@sha256:8093fdb9b8664137878b01d638e39a2faa38241f6acec45f9d1e4d55a71c1d20_arm64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-cli-artifacts@sha256:8093fdb9b8664137878b01d638e39a2faa38241f6acec45f9d1e4d55a71c1d20_arm64, openshift4/ose-cli-artifacts@sha256:8093fdb9b8664137878b01d638e39a2faa38241f6acec45f9d1e4d55a71c1d20_arm64

…and 1346 more

Timeline

  • Jun 10, 2024 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›