VDB

RHSA-2024%3A8688

RHSA-2024%3A8688 PUBLISHED CVSS 7.300000190734863 HIGH

A flaw was found in Gin-Gonic Gin. This flaw allows a remote attacker to bypass security restrictions caused by improper input validation. An attacker can perform cache poisoning attacks by sending a specially-crafted request using the X-Forwarded-Prefix header.

Risk Scores

CVSS 3.1
7.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-cloud-credential-operator@sha256:7d7198fba661bd61487294acf52fbd7cf528c41d1838f5cec9be5aec12476384_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-cloud-credential-operator@sha256:7d7198fba661bd61487294acf52fbd7cf528c41d1838f5cec9be5aec12476384_arm64
Red Hatopenshift4/ose-tools-rhel8@sha256:6acaa6ebe654e2dc7530f751d7866811a19c32e04f8cda9aba1f03f558f4170d_ppc64le as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-cluster-storage-operator@sha256:c22ec90f3bfa70b4220e3fa5e0e83c1967f462b67e7b204b1efa9b6283979bdc_amd64 as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-coredns@sha256:690463c5e3e8197ebee304181b637b65de198309f6d92ba3678e8ea1dab4bc02_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-coredns@sha256:690463c5e3e8197ebee304181b637b65de198309f6d92ba3678e8ea1dab4bc02_ppc64le
Red Hatopenshift4/kubevirt-csi-driver-rhel8@sha256:d80d45710999bf26c40eeb0175ecff96aea9323dfd4e47afcea7b61c3eb5c38d_s390x as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:a6df3778c648ce08e25e7ac1ddd38abc2093ec6bcf907d2182922397b2b0dd10_arm64 as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-cluster-config-operator@sha256:064d35e15a6912efff7de329de6431eb9eae322a7ba4a13082b0f7a40efa650d_arm64 as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-pod@sha256:af8a03bcb8b5802e5162c2ff18541c26f39b250c21f0c0f94292c6203756810c_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-pod@sha256:af8a03bcb8b5802e5162c2ff18541c26f39b250c21f0c0f94292c6203756810c_arm64
Red Hatopenshift4/ose-csi-external-snapshotter@sha256:500a5e6fc63720095a71c05f0e102e6df54df1bc7ee3711e891caf6a2b0930dc_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-csi-external-snapshotter@sha256:500a5e6fc63720095a71c05f0e102e6df54df1bc7ee3711e891caf6a2b0930dc_amd64
Red Hatopenshift4/ose-cluster-authentication-operator@sha256:2110b2f60c3030e3547a00a063241bb8d0df807b0b3a1e3a2ae0e04f4b0a40ac_amd64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-cluster-authentication-operator@sha256:2110b2f60c3030e3547a00a063241bb8d0df807b0b3a1e3a2ae0e04f4b0a40ac_amd64
Red Hatopenshift4/ose-csi-external-provisioner-rhel8@sha256:e4373b93429f9f2a2605519eaebd313f6b6be1026f190cc262bc59d4e8ef1773_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-csi-external-provisioner-rhel8@sha256:e4373b93429f9f2a2605519eaebd313f6b6be1026f190cc262bc59d4e8ef1773_ppc64le
Red Hatopenshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:ffb62a82bb3fa95f7318274d6041fd772918cbe3e47f060e8b1afca9f74fc2bc_arm64 as a component of Red Hat OpenShift Container Platform 4.13openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:ffb62a82bb3fa95f7318274d6041fd772918cbe3e47f060e8b1afca9f74fc2bc_arm64
Red Hatopenshift4/ose-cluster-config-operator@sha256:064d35e15a6912efff7de329de6431eb9eae322a7ba4a13082b0f7a40efa650d_arm64 as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/kubevirt-csi-driver-rhel8@sha256:d80d45710999bf26c40eeb0175ecff96aea9323dfd4e47afcea7b61c3eb5c38d_s390x as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/network-tools-rhel8@sha256:d16444d33ee6c6f071a0b289ac07b58f942c1375b4110452c5680f17b3295be4_ppc64le as a component of Red Hat OpenShift Container Platform 4.13openshift4/network-tools-rhel8@sha256:d16444d33ee6c6f071a0b289ac07b58f942c1375b4110452c5680f17b3295be4_ppc64le
Red Hatopenshift4/ose-csi-driver-nfs-rhel8@sha256:0f3642d45503ee5428fb730bf4d42ad396bc920cece6b322579fbecf94bcf2ba_amd64 as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ovirt-csi-driver-rhel8-operator@sha256:821bd1a1ed3c2587ffd949a602590e3605acd8f1af5a0c74f1357147c266bd4f_ppc64le as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-csi-external-provisioner-rhel8@sha256:24776df8d2e532f034ef7717fd67177cc4541f7e12cb007956969b79d98e381c_s390x as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-kube-proxy@sha256:4f80756e1acca51731c1b6cace0d6c6cae3e6a227859fbe0e10d9df91509df86_arm64 as a component of Red Hat OpenShift Container Platform 4.13*
Red Hatopenshift4/ose-pod@sha256:a72b7aa075126c23b51950754f042c955bc7ea9f192cab39f56454a81da1dddc_ppc64le as a component of Red Hat OpenShift Container Platform 4.13*

…and 1288 more

Timeline

  • Nov 6, 2024 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›