VDB

RHSA-2024%3A7624

RHSA-2024%3A7624 PUBLISHED CVSS 6 MEDIUM

A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information.

Risk Scores

CVSS 3.1
6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Affected Products

VendorProductVersions
Red Hatodf4/ocs-client-rhel9-operator@sha256:a498487cd4b94270588a9146feac54c267016c4793c5403b90428c3777652140_arm64 as a component of RHODF 4.14 for RHEL 9*, odf4/ocs-client-rhel9-operator@sha256:a498487cd4b94270588a9146feac54c267016c4793c5403b90428c3777652140_arm64
Red Hatodf4/odf-console-rhel9@sha256:3a725f687187a255b77062a94312155a78bcd7fe8e02991c3239b9afbae7d6d0_ppc64le as a component of RHODF 4.14 for RHEL 9odf4/odf-console-rhel9@sha256:3a725f687187a255b77062a94312155a78bcd7fe8e02991c3239b9afbae7d6d0_ppc64le, *
Red Hatodf4/mcg-core-rhel9@sha256:eaa493f949e533f41b6ef30059b7f84600ac4b8c8a150a7439e4a916886c2ce0_arm64 as a component of RHODF 4.14 for RHEL 9odf4/mcg-core-rhel9@sha256:eaa493f949e533f41b6ef30059b7f84600ac4b8c8a150a7439e4a916886c2ce0_arm64, odf4/mcg-core-rhel9@sha256:eaa493f949e533f41b6ef30059b7f84600ac4b8c8a150a7439e4a916886c2ce0_arm64
Red Hatodf4/odf-csi-addons-rhel9-operator@sha256:ce9028a1d49cbc0f6550fb86803eafe1a0efcc7806d0cff425c519e34677d65c_s390x as a component of RHODF 4.14 for RHEL 9odf4/odf-csi-addons-rhel9-operator@sha256:ce9028a1d49cbc0f6550fb86803eafe1a0efcc7806d0cff425c519e34677d65c_s390x, *
Red Hatodf4/odr-hub-operator-bundle@sha256:ba02179d57bd69e4992990111b331c648aa58ae842aadca555172ce9ffb497ef_amd64 as a component of RHODF 4.14 for RHEL 9odf4/odr-hub-operator-bundle@sha256:ba02179d57bd69e4992990111b331c648aa58ae842aadca555172ce9ffb497ef_amd64, odf4/odr-hub-operator-bundle@sha256:ba02179d57bd69e4992990111b331c648aa58ae842aadca555172ce9ffb497ef_amd64
Red Hatodf4/ocs-metrics-exporter-rhel9@sha256:14a0f09a91ab08ab96af9be59e50627bafa5ff7e327f8302a6e3c3ca879feebc_s390x as a component of RHODF 4.14 for RHEL 9*, *
Red Hatodf4/odr-hub-operator-bundle@sha256:c7a198b719a27687df1ade2a762de09d084c651d086c4523244e5cb204d68316_s390x as a component of RHODF 4.14 for RHEL 9odf4/odr-hub-operator-bundle@sha256:c7a198b719a27687df1ade2a762de09d084c651d086c4523244e5cb204d68316_s390x, odf4/odr-hub-operator-bundle@sha256:c7a198b719a27687df1ade2a762de09d084c651d086c4523244e5cb204d68316_s390x
Red Hatodf4/odf-multicluster-rhel9-operator@sha256:179b9546044b76ce665622cf1b945032696bbbede306c88320d01e0fbd8220cb_s390x as a component of RHODF 4.14 for RHEL 9odf4/odf-multicluster-rhel9-operator@sha256:179b9546044b76ce665622cf1b945032696bbbede306c88320d01e0fbd8220cb_s390x, *
Red Hatodf4/mcg-rhel9-operator@sha256:c68351205603de2f985e6bf5a6a82154aff90c3066989bb4fbdd8e2bbe61563d_arm64 as a component of RHODF 4.14 for RHEL 9odf4/mcg-rhel9-operator@sha256:c68351205603de2f985e6bf5a6a82154aff90c3066989bb4fbdd8e2bbe61563d_arm64, odf4/mcg-rhel9-operator@sha256:c68351205603de2f985e6bf5a6a82154aff90c3066989bb4fbdd8e2bbe61563d_arm64
Red Hatodf4/odf-console-rhel9@sha256:1e69633722b1f95bed6ea4f340d4ceccec63de86a700383ee5a479100acd055c_amd64 as a component of RHODF 4.14 for RHEL 9odf4/odf-console-rhel9@sha256:1e69633722b1f95bed6ea4f340d4ceccec63de86a700383ee5a479100acd055c_amd64, odf4/odf-console-rhel9@sha256:1e69633722b1f95bed6ea4f340d4ceccec63de86a700383ee5a479100acd055c_amd64
Red Hatodf4/odf-multicluster-rhel9-operator@sha256:0b05a2cd389068cb93a442bccc19434bf3a6edddea1a637fa9fae06d809e1c36_arm64 as a component of RHODF 4.14 for RHEL 9odf4/odf-multicluster-rhel9-operator@sha256:0b05a2cd389068cb93a442bccc19434bf3a6edddea1a637fa9fae06d809e1c36_arm64, odf4/odf-multicluster-rhel9-operator@sha256:0b05a2cd389068cb93a442bccc19434bf3a6edddea1a637fa9fae06d809e1c36_arm64
Red Hatodf4/odf-operator-bundle@sha256:8b78c663b3dcba68d34aee56ae280a3ad7d4e1c6ae12dcb53545fd7cbf3d569d_amd64 as a component of RHODF 4.14 for RHEL 9odf4/odf-operator-bundle@sha256:8b78c663b3dcba68d34aee56ae280a3ad7d4e1c6ae12dcb53545fd7cbf3d569d_amd64, odf4/odf-operator-bundle@sha256:8b78c663b3dcba68d34aee56ae280a3ad7d4e1c6ae12dcb53545fd7cbf3d569d_amd64
Red Hatodf4/odf-rhel9-operator@sha256:cd7f3ca0f9acc83d5756ed1f9ea5200cf69505f234b19102c4084a2c85dd1a76_s390x as a component of RHODF 4.14 for RHEL 9*, *
Red Hatodf4/odf-csi-addons-operator-bundle@sha256:eca3b6269440caaa3951708b32ac78f90785e0b2958372ecbf1299655c506eae_ppc64le as a component of RHODF 4.14 for RHEL 9odf4/odf-csi-addons-operator-bundle@sha256:eca3b6269440caaa3951708b32ac78f90785e0b2958372ecbf1299655c506eae_ppc64le, *
Red Hatodf4/rook-ceph-rhel9-operator@sha256:6d25fb7f40747ec3884ded2d4048dabbd888e0e19a959acaea65a800ae1a0f88_amd64 as a component of RHODF 4.14 for RHEL 9odf4/rook-ceph-rhel9-operator@sha256:6d25fb7f40747ec3884ded2d4048dabbd888e0e19a959acaea65a800ae1a0f88_amd64, *
Red Hatodf4/mcg-rhel9-operator@sha256:e25d414f3ed6fc7ee69a930c36ef08eb13fdcf4ba86c11305faddecb68d3b23d_amd64 as a component of RHODF 4.14 for RHEL 9*, odf4/mcg-rhel9-operator@sha256:e25d414f3ed6fc7ee69a930c36ef08eb13fdcf4ba86c11305faddecb68d3b23d_amd64
Red Hatodf4/ocs-rhel9-operator@sha256:5e32fa031a7c0b0a173e9117f79c004b2abf1f095c10fef8328524a5721b7475_amd64 as a component of RHODF 4.14 for RHEL 9*, odf4/ocs-rhel9-operator@sha256:5e32fa031a7c0b0a173e9117f79c004b2abf1f095c10fef8328524a5721b7475_amd64
Red Hatodf4/odf-multicluster-console-rhel9@sha256:ab38043da618d860d353b4ca47317fdb8f136fdf4a6c982ea60852561578dfd2_ppc64le as a component of RHODF 4.14 for RHEL 9odf4/odf-multicluster-console-rhel9@sha256:ab38043da618d860d353b4ca47317fdb8f136fdf4a6c982ea60852561578dfd2_ppc64le, odf4/odf-multicluster-console-rhel9@sha256:ab38043da618d860d353b4ca47317fdb8f136fdf4a6c982ea60852561578dfd2_ppc64le
Red Hatodf4/odf-multicluster-rhel9-operator@sha256:757aa4edad0e0920a7094ae798d366eb166e2d90eac670ca9d02d0499537e446_amd64 as a component of RHODF 4.14 for RHEL 9odf4/odf-multicluster-rhel9-operator@sha256:757aa4edad0e0920a7094ae798d366eb166e2d90eac670ca9d02d0499537e446_amd64, *
Red Hatodf4/odr-rhel9-operator@sha256:842f7534ac0ee0628ce375e4a891c2467cc92808ddb14046187291f13e9eb4ed_arm64 as a component of RHODF 4.14 for RHEL 9*, odf4/odr-rhel9-operator@sha256:842f7534ac0ee0628ce375e4a891c2467cc92808ddb14046187291f13e9eb4ed_arm64

…and 69 more

Timeline

  • Oct 3, 2024 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›