VDB

RHSA-2025%3A0907

RHSA-2025%3A0907 PUBLISHED CVSS 7.5 HIGH

A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatadvanced-cluster-security/rhacs-scanner-db-rhel8@sha256:202d116ef0d6208b1ed44c9bfb0c1527dad0e44031d2b9babe7fa25eee0197cd_ppc64le as a component of RHACS 4.6 for RHEL 8*, *
Red Hatadvanced-cluster-security/rhacs-main-rhel8@sha256:4b9a01b61e1f72eb9103718c6fd08f89f3776ba2b0807a8721e890397c158475_amd64 as a component of RHACS 4.6 for RHEL 8*, *
Red Hatadvanced-cluster-security/rhacs-main-rhel8@sha256:6b5d06e7effb97bd532375e8982ff4396924355fccb161be19df0dc121a098a1_arm64 as a component of RHACS 4.6 for RHEL 8*, *
Red Hatadvanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9929ec613b4bc008705bee775b56aec1c4729c2f0c1d572239a75424b246452b_amd64 as a component of RHACS 4.6 for RHEL 8advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9929ec613b4bc008705bee775b56aec1c4729c2f0c1d572239a75424b246452b_amd64, *
Red Hatadvanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f38522cec9a86c17a565cd3eff51c1960a9ea171a786d8af4244ca141f7f285_arm64 as a component of RHACS 4.6 for RHEL 8*, *
Red Hatadvanced-cluster-security/rhacs-collector-slim-rhel8@sha256:ecf659bdaeb9cbbfd0f5178ffc83b7b8474b5dd83ce565e50c57f18599dcd0a4_arm64 as a component of RHACS 4.6 for RHEL 8advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:ecf659bdaeb9cbbfd0f5178ffc83b7b8474b5dd83ce565e50c57f18599dcd0a4_arm64, *
Red Hatadvanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:dc6bc09d80acc2ca1cc43925c7dc634f4922b5e1849ff5a30280002f6767ad6e_amd64 as a component of RHACS 4.6 for RHEL 8*, *
Red Hatadvanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f902f9109751eba20c26a8cbe89c52c18467d8166ff33716c79390d743d756a0_amd64 as a component of RHACS 4.6 for RHEL 8advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f902f9109751eba20c26a8cbe89c52c18467d8166ff33716c79390d743d756a0_amd64, advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f902f9109751eba20c26a8cbe89c52c18467d8166ff33716c79390d743d756a0_amd64
Red Hatadvanced-cluster-security/rhacs-scanner-db-rhel8@sha256:202d116ef0d6208b1ed44c9bfb0c1527dad0e44031d2b9babe7fa25eee0197cd_ppc64le as a component of RHACS 4.6 for RHEL 8advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:202d116ef0d6208b1ed44c9bfb0c1527dad0e44031d2b9babe7fa25eee0197cd_ppc64le, *
Red Hatadvanced-cluster-security/rhacs-central-db-rhel8@sha256:897c5db46b7bf6a19edef564e7a220e1a805ce6430befa7bb84a7b20ffa658fe_amd64 as a component of RHACS 4.6 for RHEL 8*, *
Red Hatadvanced-cluster-security/rhacs-scanner-rhel8@sha256:05fc5fa02cb04737a083b29d0d344da428f8d0b8fe24229715d5d6512dbab2f1_ppc64le as a component of RHACS 4.6 for RHEL 8*, *
Red Hatadvanced-cluster-security/rhacs-main-rhel8@sha256:5248ab4d7994e809e5cae15758231e7844dbd6772351b257cc4b0a90f4eb9ccd_ppc64le as a component of RHACS 4.6 for RHEL 8*, advanced-cluster-security/rhacs-main-rhel8@sha256:5248ab4d7994e809e5cae15758231e7844dbd6772351b257cc4b0a90f4eb9ccd_ppc64le
Red Hatadvanced-cluster-security/rhacs-rhel8-operator@sha256:fe38999c6c30224a453027c1cb9117df9d742c4056a8997054e7f299e266e9a8_ppc64le as a component of RHACS 4.6 for RHEL 8*, *
Red Hatadvanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:797637fd0bc37a7b30704a1984e577c5f0b0a3c803ac310efa89bcfb1322799c_ppc64le as a component of RHACS 4.6 for RHEL 8*, *
Red Hatadvanced-cluster-security/rhacs-scanner-rhel8@sha256:d38ac805c3a827fbc01686ec53909c919eeb4e5d62730a7ec67d29fbd00bf049_amd64 as a component of RHACS 4.6 for RHEL 8*, *
Red Hatadvanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f2109b7ec783bc98539c147b43a0b747f571a02bf78fd70220d3f9cbb5b2c9b4_ppc64le as a component of RHACS 4.6 for RHEL 8*, *
Red Hatadvanced-cluster-security/rhacs-collector-slim-rhel8@sha256:ecf659bdaeb9cbbfd0f5178ffc83b7b8474b5dd83ce565e50c57f18599dcd0a4_arm64 as a component of RHACS 4.6 for RHEL 8*, *
Red Hatadvanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f902f9109751eba20c26a8cbe89c52c18467d8166ff33716c79390d743d756a0_amd64 as a component of RHACS 4.6 for RHEL 8*, *
Red Hatadvanced-cluster-security/rhacs-scanner-db-rhel8@sha256:15b02a2b037f2713fd3bad41506f606cb5bb7d4fe2263b54bc0597ecfa44bfb4_arm64 as a component of RHACS 4.6 for RHEL 8advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:15b02a2b037f2713fd3bad41506f606cb5bb7d4fe2263b54bc0597ecfa44bfb4_arm64, advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:15b02a2b037f2713fd3bad41506f606cb5bb7d4fe2263b54bc0597ecfa44bfb4_arm64
Red Hatadvanced-cluster-security/rhacs-rhel8-operator@sha256:effc0cd6a09c7c1ce2b3a46a46ed4cb9f4b1ac65f3af783a7404a7b22a0d3db6_amd64 as a component of RHACS 4.6 for RHEL 8*, *

…and 84 more

Timeline

  • Feb 3, 2025 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Jul 5, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›