VDB

RHSA-2025%3A3132

RHSA-2025%3A3132 PUBLISHED CVSS 7.5 HIGH

A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le as a component of RHOL 6.0 for RHEL 9openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le, *, openshift-logging/opa-openshift-rhel9@sha256:a88fbeca3dce34d749a433de069ac020acd6446be807abbeebb699fbf60e1849_ppc64le
Red Hatopenshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le as a component of RHOL 6.0 for RHEL 9openshift-logging/eventrouter-rhel9@sha256:4f287a5ae842fc8b87ba0ac19dd9909ce0fb17b4f4b6c582621b559b55a9c0ae_ppc64le, *, *
Red Hatopenshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x as a component of RHOL 6.0 for RHEL 9openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x, openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x, openshift-logging/loki-rhel9-operator@sha256:f6426dc70bc6bfce23a72163afb3229a28bbc340e1e5dbd42696534a6187b6eb_s390x
Red Hatopenshift-logging/eventrouter-rhel9@sha256:6fc3e68cc69f8ce6eb93244fc344260b48ac68794da1ce78aeb4fad606576789_arm64 as a component of RHOL 6.0 for RHEL 9*, *, *
Red Hatopenshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64 as a component of RHOL 6.0 for RHEL 9openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64, openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64, openshift-logging/loki-rhel9-operator@sha256:161fc8b97a1752329c7456a6e052b7bedb39a566bc0ba4b91a31a1360aabbaa8_arm64
Red Hatopenshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le as a component of RHOL 6.0 for RHEL 9*, *, openshift-logging/log-file-metric-exporter-rhel9@sha256:e5fdace6353f81300d3fbf57d89ec1ea5038afdb2120cb0c524ce61d65424e34_ppc64le
Red Hatopenshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x as a component of RHOL 6.0 for RHEL 9openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x, openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x, openshift-logging/opa-openshift-rhel9@sha256:89d23ee10b06a32e8424014a6bad13ec4cacc9458a22d829f1539462c8757624_s390x
Red Hatopenshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64 as a component of RHOL 6.0 for RHEL 9*, openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64, openshift-logging/cluster-logging-rhel9-operator@sha256:6646e0c4534894aab3169a534326a8bfbee5d4c384bdd94434613e4044c8acc6_amd64
Red Hatopenshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le as a component of RHOL 6.0 for RHEL 9*, *, openshift-logging/vector-rhel9@sha256:4e73489bf07ff3376c3947f769902acfc206c6f3ed00cfd7f724f4022be97b44_ppc64le
Red Hatopenshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64 as a component of RHOL 6.0 for RHEL 9openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64, *, *
Red Hatopenshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64 as a component of RHOL 6.0 for RHEL 9*, openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64, openshift-logging/lokistack-gateway-rhel9@sha256:06322689631815e632be8ac68c784641801499b80c7f84ef65a6b6be7d87a85a_arm64
Red Hatopenshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64 as a component of RHOL 6.0 for RHEL 9*, openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64, openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64
Red Hatopenshift-logging/vector-rhel9@sha256:4544bf43eed07afab6f941b7f8fd56a635045eb3ac182bbd180d816a9fc10f76_amd64 as a component of RHOL 6.0 for RHEL 9*, *, *
Red Hatopenshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64 as a component of RHOL 6.0 for RHEL 9*, openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64, openshift-logging/log-file-metric-exporter-rhel9@sha256:0bc239163627bd0b502d74072d5fd8f6606b222784d24963bcc6d104353221c8_arm64
Red Hatopenshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le as a component of RHOL 6.0 for RHEL 9openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le, openshift-logging/loki-rhel9-operator@sha256:f9f2c7e18a194440964e889c99bffd704b260eee5e4202575dd341fea4ab23fd_ppc64le, *
Red Hatopenshift-logging/lokistack-gateway-rhel9@sha256:55d833a3314752d84f5d8fecdec10e1ba933563991e444536aeae17b2e62c397_amd64 as a component of RHOL 6.0 for RHEL 9*, *, *
Red Hatopenshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64 as a component of RHOL 6.0 for RHEL 9openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64, openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64, openshift-logging/cluster-logging-operator-bundle@sha256:04347c5ffe4381dfc2ec48cafa04b65cd85b732ab32c361a03acadc6b12486c5_amd64
Red Hatopenshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x as a component of RHOL 6.0 for RHEL 9openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x, openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x, openshift-logging/logging-loki-rhel9@sha256:ac504d165b83e047af9d8c2a49f136b13e466c43d2d9f679850b3a32f44d96f3_s390x
Red Hatopenshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64 as a component of RHOL 6.0 for RHEL 9openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64, *, openshift-logging/loki-rhel9-operator@sha256:7e5c29156bfbfe36ba9a3fae143d5bfd4a4cbd6b586183e0338b356e3ebec4f0_amd64
Red Hatopenshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x as a component of RHOL 6.0 for RHEL 9openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x, openshift-logging/lokistack-gateway-rhel9@sha256:8159842ddd7237c3710ce6a93338bd3647d53a6355989f614a2bc26e8ed81452_s390x, *

…and 48 more

Exploit Intelligence

Timeline

  • Mar 26, 2025 CVE Published
  • Apr 24, 2026 Distribution Patch
  • Apr 24, 2026 Distribution Patch
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • May 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›