VDB

RHSA-2024%3A4965

RHSA-2024%3A4965 PUBLISHED CVSS 6 MEDIUM

A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information.

Risk Scores

CVSS 3.1
6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-installer-artifacts-rhel9@sha256:91ad3e5466db24d71d7329a845ccb4164486e80948da7034996c4dc9b8cacaa2_arm64 as a component of Red Hat OpenShift Container Platform 4.16*
Red Hatopenshift4/ose-cloud-credential-rhel9-operator@sha256:b3eca7289accebe26a2f80eeb724e6bf4d6625cc1a8594f1f14257b32cd770d9_s390x as a component of Red Hat OpenShift Container Platform 4.16*
Red Hatopenshift4/ose-ovn-kubernetes-rhel9@sha256:2278c5f7e19081396f28d2f0b4b442e6f808f32bfc730e8bbe5f8f4c03c04504_s390x as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-ovn-kubernetes-rhel9@sha256:2278c5f7e19081396f28d2f0b4b442e6f808f32bfc730e8bbe5f8f4c03c04504_s390x
Red Hatopenshift4/ose-cluster-network-rhel9-operator@sha256:6f1cad19a30390d98e6f45e55ded875855480ab982ee55db3e4c843e6f2be640_amd64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-cluster-network-rhel9-operator@sha256:6f1cad19a30390d98e6f45e55ded875855480ab982ee55db3e4c843e6f2be640_amd64
Red Hatopenshift4/ose-multus-whereabouts-ipam-cni-rhel9@sha256:bf348cfa84b9e8f5068bc7c933594dd2592f80013d4a7c9ed50f8126f250b6cb_arm64 as a component of Red Hat OpenShift Container Platform 4.16*
Red Hatopenshift4/ose-cluster-etcd-rhel9-operator@sha256:90bdc1a5adcf9f25f398cc0b9a5afddaffed9bda4598f4053be3a96f6c5ac574_s390x as a component of Red Hat OpenShift Container Platform 4.16*
Red Hatopenshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:57e9800891ea8567ae0fc2ee59d4f40c89625bcf7ca4260df3fcf6bc2cfa866f_s390x as a component of Red Hat OpenShift Container Platform 4.16*
Red Hatopenshift4/ose-installer-rhel9@sha256:3d96307f8d1e2ed23e85765be3d638f9999a79f1f990d3090eafce4ddb2ff22a_s390x as a component of Red Hat OpenShift Container Platform 4.16*
Red Hatopenshift4/ose-machine-config-rhel9-operator@sha256:3be112013562fc5e5c5fde7dca342cbaca5947768e3025d3c3f8b816214f1696_ppc64le as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-machine-config-rhel9-operator@sha256:3be112013562fc5e5c5fde7dca342cbaca5947768e3025d3c3f8b816214f1696_ppc64le
Red Hatopenshift4/ose-operator-registry-rhel9@sha256:14300ed6e229ca0b42d157f13ef8a3f5647725dc173bfef114aa88c003752742_ppc64le as a component of Red Hat OpenShift Container Platform 4.16*
Red Hatopenshift4/ose-operator-registry-rhel9@sha256:8c40808455dc9e15ebb9933d41a17ddfb280a8558920d64ab9f34ec8f51d6c54_s390x as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-operator-registry-rhel9@sha256:8c40808455dc9e15ebb9933d41a17ddfb280a8558920d64ab9f34ec8f51d6c54_s390x
Red Hatopenshift4/ose-container-networking-plugins-rhel9@sha256:4daa70777e39f1d7cbb306e1318ea9e93942bc7e305f8320ff601f60ceb1adcb_arm64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-container-networking-plugins-rhel9@sha256:4daa70777e39f1d7cbb306e1318ea9e93942bc7e305f8320ff601f60ceb1adcb_arm64
Red Hatopenshift4/ose-operator-registry-rhel9@sha256:9cb17ddb221a3eacb2b1367c83e2ed35e1cd9402cdece23e8e2c9131f81e0ce8_amd64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-operator-registry-rhel9@sha256:9cb17ddb221a3eacb2b1367c83e2ed35e1cd9402cdece23e8e2c9131f81e0ce8_amd64
Red Hatopenshift4/ose-docker-builder-rhel9@sha256:f0c6748691ef76aa893ed43b6309b38dcb9d13aa06f2cdc7e0347e9ec2173bc5_arm64 as a component of Red Hat OpenShift Container Platform 4.16*
Red Hatopenshift4/ose-console-rhel9@sha256:a04ff4350e717266868e9b28cc37ae2c4390da9bdf741193a2692fe80da47a5a_arm64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-console-rhel9@sha256:a04ff4350e717266868e9b28cc37ae2c4390da9bdf741193a2692fe80da47a5a_arm64
Red Hatopenshift4/ose-hypershift-rhel9@sha256:429a6d7f8df74d88126cb1c9b2bd89ba54c4e1bf09905185fa2bd3cfdd2782b3_s390x as a component of Red Hat OpenShift Container Platform 4.16*
Red Hatopenshift4/ose-installer-artifacts-rhel9@sha256:6a72e42738ac48ab108e936a61c9d86b3c9f9cc72982e36a5d48b9b65b2ff536_ppc64le as a component of Red Hat OpenShift Container Platform 4.16*
Red Hatopenshift4/ose-baremetal-runtimecfg-rhel9@sha256:defbb57f4be28680ab5248d6a028d0953b6b9eefd0246754238b469731816f82_amd64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-baremetal-runtimecfg-rhel9@sha256:defbb57f4be28680ab5248d6a028d0953b6b9eefd0246754238b469731816f82_amd64
Red Hatopenshift4/ose-baremetal-installer-rhel9@sha256:7c9b4ee55964b106c2c9d83bdcc5413a3bbea8add4387465a7cb7d102f524a93_s390x as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-baremetal-installer-rhel9@sha256:7c9b4ee55964b106c2c9d83bdcc5413a3bbea8add4387465a7cb7d102f524a93_s390x
Red Hatopenshift4/ose-cluster-kube-apiserver-rhel9-operator@sha256:b463975b905acb432df35368401d5ac1672e4bc6264fc9f76c1be2d352e98c2d_ppc64le as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-cluster-kube-apiserver-rhel9-operator@sha256:b463975b905acb432df35368401d5ac1672e4bc6264fc9f76c1be2d352e98c2d_ppc64le

…and 143 more

Timeline

  • Aug 6, 2024 CVE Published
  • Apr 24, 2026 CVE Updated
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›