VDB

RHSA-2024%3A4010

RHSA-2024%3A4010 PUBLISHED CVSS 7.5 HIGH

A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-keepalived-ipfailover@sha256:1576dcada2c60911639582008402b8ef51672dde067690914e0b0ecdef3fcd5d_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-keepalived-ipfailover@sha256:1576dcada2c60911639582008402b8ef51672dde067690914e0b0ecdef3fcd5d_s390x, openshift4/ose-keepalived-ipfailover@sha256:1576dcada2c60911639582008402b8ef51672dde067690914e0b0ecdef3fcd5d_s390x
Red Hatopenshift4/ose-prometheus@sha256:972ec3404d895fc8b56a4c5967ad67a53f69cb1d2fdd2a190a3d39863cdc6e6b_arm64 as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-prometheus@sha256:972ec3404d895fc8b56a4c5967ad67a53f69cb1d2fdd2a190a3d39863cdc6e6b_arm64, openshift4/ose-prometheus@sha256:972ec3404d895fc8b56a4c5967ad67a53f69cb1d2fdd2a190a3d39863cdc6e6b_arm64
Red Hatopenshift4/ose-etcd-rhel9@sha256:7f5b3d98cb7a38df4ca48858e8693b393c7b4f43df6dc4d5d4d7b81a6150dfcc_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-etcd-rhel9@sha256:7f5b3d98cb7a38df4ca48858e8693b393c7b4f43df6dc4d5d4d7b81a6150dfcc_ppc64le, *, openshift4/ose-etcd-rhel9@sha256:7f5b3d98cb7a38df4ca48858e8693b393c7b4f43df6dc4d5d4d7b81a6150dfcc_ppc64le
Red Hatopenshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:b92d9f4b2afe2da3e9fc92363fd82c11abcd68c3f5a23fad77df03885bfa4603_arm64 as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:b92d9f4b2afe2da3e9fc92363fd82c11abcd68c3f5a23fad77df03885bfa4603_arm64
Red Hatopenshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:5043ffa05d743be9051ba968eea9ee70571ec16bf818074a1f69d8124f985016_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:5043ffa05d743be9051ba968eea9ee70571ec16bf818074a1f69d8124f985016_ppc64le, *, *
Red Hatopenshift4/ose-installer-artifacts@sha256:682ed39ca2533a43a3252b9fd13db1128bf6ec38f98f6b5ed732f551a02a83d8_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-installer-artifacts@sha256:682ed39ca2533a43a3252b9fd13db1128bf6ec38f98f6b5ed732f551a02a83d8_amd64, openshift4/ose-installer-artifacts@sha256:682ed39ca2533a43a3252b9fd13db1128bf6ec38f98f6b5ed732f551a02a83d8_amd64
Red Hatopenshift4/ose-cluster-etcd-rhel8-operator@sha256:3f5d178658e2c004133a3e8925fb01dbb36b9ff8dc345a280506d0493f6c7441_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-cluster-etcd-rhel8-operator@sha256:3f5d178658e2c004133a3e8925fb01dbb36b9ff8dc345a280506d0493f6c7441_amd64, *
Red Hatopenshift4/ose-csi-livenessprobe-rhel8@sha256:9e02bdfb890ff53faef351697c43e6c705afaaa7eb021d5197126fedd98544a7_s390x as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-csi-livenessprobe-rhel8@sha256:9e02bdfb890ff53faef351697c43e6c705afaaa7eb021d5197126fedd98544a7_s390x
Red Hatopenshift4/ose-olm-catalogd-rhel8@sha256:1e982eb50d20baf6ecf3173ccf3e6ad48a01c09ffdfab5b7b52d274464d5526b_arm64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-olm-catalogd-rhel8@sha256:1e982eb50d20baf6ecf3173ccf3e6ad48a01c09ffdfab5b7b52d274464d5526b_arm64, *, *
Red Hatopenshift4/ose-etcd-rhel9@sha256:636373dc2311435d5b28e1d113b5e335b071884dc7e81c943d111c3812d0bb03_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-etcd-rhel9@sha256:636373dc2311435d5b28e1d113b5e335b071884dc7e81c943d111c3812d0bb03_s390x, openshift4/ose-etcd-rhel9@sha256:636373dc2311435d5b28e1d113b5e335b071884dc7e81c943d111c3812d0bb03_s390x
Red Hatopenshift4/ose-cluster-ingress-operator@sha256:e97ec07cc8b6c5648e2f40471bbc5b707df3e2cdca099588c129a52e16d134c2_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-cluster-ingress-operator@sha256:e97ec07cc8b6c5648e2f40471bbc5b707df3e2cdca099588c129a52e16d134c2_ppc64le, openshift4/ose-cluster-ingress-operator@sha256:e97ec07cc8b6c5648e2f40471bbc5b707df3e2cdca099588c129a52e16d134c2_ppc64le
Red Hatopenshift4/ose-machine-api-provider-openstack-rhel8@sha256:4424e51a57fd738005350307ca48f02afd447c1868a0a2433bc98271c1074a3b_arm64 as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-machine-api-provider-openstack-rhel8@sha256:4424e51a57fd738005350307ca48f02afd447c1868a0a2433bc98271c1074a3b_arm64, openshift4/ose-machine-api-provider-openstack-rhel8@sha256:4424e51a57fd738005350307ca48f02afd447c1868a0a2433bc98271c1074a3b_arm64
Red Hatopenshift4/ose-cluster-kube-controller-manager-operator@sha256:63f2fa5c72be322447b81f4b6179d7bf34444ee5c225565febb64a54645f5dfc_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-cluster-kube-controller-manager-operator@sha256:63f2fa5c72be322447b81f4b6179d7bf34444ee5c225565febb64a54645f5dfc_ppc64le, openshift4/ose-cluster-kube-controller-manager-operator@sha256:63f2fa5c72be322447b81f4b6179d7bf34444ee5c225565febb64a54645f5dfc_ppc64le
Red Hatopenshift4/ose-agent-installer-api-server-rhel8@sha256:ecaca9922ae52607a298cb69dd22adcf623968fa0905721c75c459fd8bd37e1a_s390x as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-agent-installer-api-server-rhel8@sha256:ecaca9922ae52607a298cb69dd22adcf623968fa0905721c75c459fd8bd37e1a_s390x
Red Hatopenshift4/ose-aws-cluster-api-controllers-rhel8@sha256:4db37c8d42cd8317a2bcbe8acabf0606c1defb1085ee46675e8de56f7324d3e1_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-aws-cluster-api-controllers-rhel8@sha256:4db37c8d42cd8317a2bcbe8acabf0606c1defb1085ee46675e8de56f7324d3e1_amd64, *, *
Red Hatopenshift4/ose-tests@sha256:b0dbfec690392e4cf55527add4c6552ffa43f8ccc288ab1e84dfe81735a006ba_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-tests@sha256:b0dbfec690392e4cf55527add4c6552ffa43f8ccc288ab1e84dfe81735a006ba_ppc64le, openshift4/ose-tests@sha256:b0dbfec690392e4cf55527add4c6552ffa43f8ccc288ab1e84dfe81735a006ba_ppc64le
Red Hatopenshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:66b626c7d9076b601df080a5706073fca2bfbd33d157e73990f33a165f67c0d5_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:66b626c7d9076b601df080a5706073fca2bfbd33d157e73990f33a165f67c0d5_s390x, *, *
Red Hatopenshift4/ose-pod@sha256:f6951cdf0991a5e475a863fd8485313d194b02fd0696a3b6394b66409c82d360_s390x as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-pod@sha256:f6951cdf0991a5e475a863fd8485313d194b02fd0696a3b6394b66409c82d360_s390x, *
Red Hatopenshift4/network-tools-rhel8@sha256:c1fcf483a52ac3f77674e23100571665089228d30eec34d99ef8b880629b0510_arm64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/network-tools-rhel8@sha256:c1fcf483a52ac3f77674e23100571665089228d30eec34d99ef8b880629b0510_arm64, *
Red Hatopenshift4/ose-vsphere-csi-driver-rhel8@sha256:a0fb27daf2803263c4b2dd45844017308b399d64949df3a0a107fb29eb90510e_amd64 as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-vsphere-csi-driver-rhel8@sha256:a0fb27daf2803263c4b2dd45844017308b399d64949df3a0a107fb29eb90510e_amd64

…and 1338 more

Timeline

  • Jun 26, 2024 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›