RHSA-2025:0754
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:c0e2c88765dab9373bf71f6c9359e338b83f133d170d6dd32130e6023e3a4a2a_ppc64le as a component of Builds for Red Hat OpenShift 1.2.2 | registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:c0e2c88765dab9373bf71f6c9359e338b83f133d170d6dd32130e6023e3a4a2a_ppc64le, * |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:96dc86543b9f09ea5590c144ade9361ce3184ce028cac8e76652d762961c5b44_amd64 as a component of Builds for Red Hat OpenShift 1.2.2 | * |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:41ce2e480329f54ac9032587853c8840b3f08fb4b0042dfcaf90e3ce05e29da1_ppc64le as a component of Builds for Red Hat OpenShift 1.2.2 | * |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:1e433bcec606fa432a50dc8fc06af6f373e7580f4c468cb3ad4bd670d858085a_ppc64le as a component of Builds for Red Hat OpenShift 1.2.2 | * |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:f314b7fe88ac8aaed72eb22b0c7e6c66ce4794a1b007a281b90af3850c08ad4b_ppc64le as a component of Builds for Red Hat OpenShift 1.2.2 | registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:f314b7fe88ac8aaed72eb22b0c7e6c66ce4794a1b007a281b90af3850c08ad4b_ppc64le, * |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:230a283cb6ee5aabd9de16954dbb712d5ca973f2c58b4e930d92122d705eca6d_arm64 as a component of Builds for Red Hat OpenShift 1.2.2 | registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:230a283cb6ee5aabd9de16954dbb712d5ca973f2c58b4e930d92122d705eca6d_arm64, registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:230a283cb6ee5aabd9de16954dbb712d5ca973f2c58b4e930d92122d705eca6d_arm64 |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:1e433bcec606fa432a50dc8fc06af6f373e7580f4c468cb3ad4bd670d858085a_ppc64le as a component of Builds for Red Hat OpenShift 1.2.2 | registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:1e433bcec606fa432a50dc8fc06af6f373e7580f4c468cb3ad4bd670d858085a_ppc64le, registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:1e433bcec606fa432a50dc8fc06af6f373e7580f4c468cb3ad4bd670d858085a_ppc64le |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:e4aaf133f2e2095a272d7d2637d5e0af28eb248f553421da5188745414b357f2_amd64 as a component of Builds for Red Hat OpenShift 1.2.2 | *, registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:e4aaf133f2e2095a272d7d2637d5e0af28eb248f553421da5188745414b357f2_amd64 |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:de285edaae627da5783ccef71caeff4f0d615a3b1c30d8a736e13e199c13a836_ppc64le as a component of Builds for Red Hat OpenShift 1.2.2 | * |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:8b8b301eafc5d1ae8d298cbe64b09cb912b2ed924fdabdb77f5f0c78e782e8dd_s390x as a component of Builds for Red Hat OpenShift 1.2.2 | *, registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:8b8b301eafc5d1ae8d298cbe64b09cb912b2ed924fdabdb77f5f0c78e782e8dd_s390x |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:42864a1d636646b64c6d052785b38add98f46da25618b17ffdaac8c6b26a7add_s390x as a component of Builds for Red Hat OpenShift 1.2.2 | * |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:b8ed9fd4a031cedc89219e5d15ffc9b02212c0cee40664b094d6e91574d33fb9_ppc64le as a component of Builds for Red Hat OpenShift 1.2.2 | registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:b8ed9fd4a031cedc89219e5d15ffc9b02212c0cee40664b094d6e91574d33fb9_ppc64le, registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:b8ed9fd4a031cedc89219e5d15ffc9b02212c0cee40664b094d6e91574d33fb9_ppc64le |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:03aeca699a2df3d3a11f7a176e0938213558c2b8cf483eb01a84c6a4bdcf0416_amd64 as a component of Builds for Red Hat OpenShift 1.2.2 | * |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af7695430c347cbdf66800a913fa48fb500f820047fed127989d92919e85d22a_s390x as a component of Builds for Red Hat OpenShift 1.2.2 | *, registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af7695430c347cbdf66800a913fa48fb500f820047fed127989d92919e85d22a_s390x |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:efd861373abd7163ac078f32832f851790d2bbb88c73b299ab7d16df4eb51305_arm64 as a component of Builds for Red Hat OpenShift 1.2.2 | *, registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:efd861373abd7163ac078f32832f851790d2bbb88c73b299ab7d16df4eb51305_arm64 |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:7e1931fd50dcc5889a1ebeafc348dbf5059d0c191f2061f786490e387ff54888_arm64 as a component of Builds for Red Hat OpenShift 1.2.2 | registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:7e1931fd50dcc5889a1ebeafc348dbf5059d0c191f2061f786490e387ff54888_arm64, registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:7e1931fd50dcc5889a1ebeafc348dbf5059d0c191f2061f786490e387ff54888_arm64 |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:43c0194a3c6bc63c1a0e390199cc267f9a5aef571b9f222d984323ecd4c15993_arm64 as a component of Builds for Red Hat OpenShift 1.2.2 | *, * |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:7e1931fd50dcc5889a1ebeafc348dbf5059d0c191f2061f786490e387ff54888_arm64 as a component of Builds for Red Hat OpenShift 1.2.2 | * |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:2b5a541fd5c8dbbd7c17b6acb2c1c65c0d94c58c53105b3d6771009acbe0a76a_ppc64le as a component of Builds for Red Hat OpenShift 1.2.2 | registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:2b5a541fd5c8dbbd7c17b6acb2c1c65c0d94c58c53105b3d6771009acbe0a76a_ppc64le, registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:2b5a541fd5c8dbbd7c17b6acb2c1c65c0d94c58c53105b3d6771009acbe0a76a_ppc64le |
| Red Hat | registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:962926092da8e580676643a5484cc4120b7261efcebd267e078def5667f7e069_ppc64le as a component of Builds for Red Hat OpenShift 1.2.2 | * |
…and 60 more
Exploit Intelligence
- DemoReseedInfra.kt (github-poc)
- poc.py (github-poc)
- scan.openvex.json (github-poc)
- vulncheck_test.go (github-poc)
Timeline
- Jan 28, 2025 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- May 15, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2025:0754 advisory
- https://docs.openshift.com/builds/1.1/about/overview-openshift-builds.html advisory
- https://access.redhat.com/security/cve/CVE-2024-45338 advisory
- https://access.redhat.com/security/cve/CVE-2025-21613 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_0754.json advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2333122 issue
- https://www.cve.org/CVERecord?id=CVE-2024-45338 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-45338 advisory
- https://go.dev/cl/637536 advisory
- https://go.dev/issue/70906 advisory
- https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ advisory
- https://pkg.go.dev/vuln/GO-2024-3333 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2335888 issue
- https://www.cve.org/CVERecord?id=CVE-2025-21613 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-21613 advisory
- https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m advisory
- https://pkg.go.dev/vuln/GO-2025-3368 advisory