VDB
RHSA-2025%3A3907
RHSA-2025%3A3907
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift-logging/opa-openshift-rhel9@sha256:c42d7348fd02ccf841bfeef35a104d8391fcf32afd6333ffbb0f13799ebd8bec_ppc64le as a component of RHOL 6.1 for RHEL 9 | openshift-logging/opa-openshift-rhel9@sha256:c42d7348fd02ccf841bfeef35a104d8391fcf32afd6333ffbb0f13799ebd8bec_ppc64le, openshift-logging/opa-openshift-rhel9@sha256:c42d7348fd02ccf841bfeef35a104d8391fcf32afd6333ffbb0f13799ebd8bec_ppc64le, * |
| Red Hat | openshift-logging/opa-openshift-rhel9@sha256:8f0526bc9f252d614072f73042cb0abddc2a1a81ef2c81bd21ddf2238b38315d_s390x as a component of RHOL 6.1 for RHEL 9 | *, *, openshift-logging/opa-openshift-rhel9@sha256:8f0526bc9f252d614072f73042cb0abddc2a1a81ef2c81bd21ddf2238b38315d_s390x |
| Red Hat | openshift-logging/logging-loki-rhel9@sha256:16d08b15fd8ef4b0bed13d59b90c44d473c99fcff8e56b2311769f640ca9da9c_amd64 as a component of RHOL 6.1 for RHEL 9 | openshift-logging/logging-loki-rhel9@sha256:16d08b15fd8ef4b0bed13d59b90c44d473c99fcff8e56b2311769f640ca9da9c_amd64, *, openshift-logging/logging-loki-rhel9@sha256:16d08b15fd8ef4b0bed13d59b90c44d473c99fcff8e56b2311769f640ca9da9c_amd64 |
| Red Hat | openshift-logging/logging-loki-rhel9@sha256:21e98efab453533dbead455bdfe248fc4b8c1a6dfda148318895d9fb9a8afb7e_s390x as a component of RHOL 6.1 for RHEL 9 | *, openshift-logging/logging-loki-rhel9@sha256:21e98efab453533dbead455bdfe248fc4b8c1a6dfda148318895d9fb9a8afb7e_s390x, * |
| Red Hat | openshift-logging/cluster-logging-rhel9-operator@sha256:60a6a6a013a5e5f1b1fe59c7c309e2d9ee8cb9c588f1ccb6c7d5a4c7fc016e53_amd64 as a component of RHOL 6.1 for RHEL 9 | *, openshift-logging/cluster-logging-rhel9-operator@sha256:60a6a6a013a5e5f1b1fe59c7c309e2d9ee8cb9c588f1ccb6c7d5a4c7fc016e53_amd64, openshift-logging/cluster-logging-rhel9-operator@sha256:60a6a6a013a5e5f1b1fe59c7c309e2d9ee8cb9c588f1ccb6c7d5a4c7fc016e53_amd64 |
| Red Hat | openshift-logging/lokistack-gateway-rhel9@sha256:c705fdf8d6b5c4e8f669c1751b1d1da970764998344536dde6fdfe11a1ae4417_ppc64le as a component of RHOL 6.1 for RHEL 9 | *, *, * |
| Red Hat | openshift-logging/loki-rhel9-operator@sha256:f8a069907c905a39888e179319b60ec15fba1213bc1420898a6dcc9aaae9cd78_s390x as a component of RHOL 6.1 for RHEL 9 | openshift-logging/loki-rhel9-operator@sha256:f8a069907c905a39888e179319b60ec15fba1213bc1420898a6dcc9aaae9cd78_s390x, openshift-logging/loki-rhel9-operator@sha256:f8a069907c905a39888e179319b60ec15fba1213bc1420898a6dcc9aaae9cd78_s390x, openshift-logging/loki-rhel9-operator@sha256:f8a069907c905a39888e179319b60ec15fba1213bc1420898a6dcc9aaae9cd78_s390x |
| Red Hat | openshift-logging/eventrouter-rhel9@sha256:48aee5c2445bb8c4ed364c95a345441c0d20ef189b30b5246b643bc368ed2893_arm64 as a component of RHOL 6.1 for RHEL 9 | *, *, openshift-logging/eventrouter-rhel9@sha256:48aee5c2445bb8c4ed364c95a345441c0d20ef189b30b5246b643bc368ed2893_arm64 |
| Red Hat | openshift-logging/cluster-logging-rhel9-operator@sha256:102c955f4fe3616cbe8e2e8cb1549da04ec98b8900b014f0e9be2c91379269e2_s390x as a component of RHOL 6.1 for RHEL 9 | openshift-logging/cluster-logging-rhel9-operator@sha256:102c955f4fe3616cbe8e2e8cb1549da04ec98b8900b014f0e9be2c91379269e2_s390x, openshift-logging/cluster-logging-rhel9-operator@sha256:102c955f4fe3616cbe8e2e8cb1549da04ec98b8900b014f0e9be2c91379269e2_s390x, openshift-logging/cluster-logging-rhel9-operator@sha256:102c955f4fe3616cbe8e2e8cb1549da04ec98b8900b014f0e9be2c91379269e2_s390x |
| Red Hat | openshift-logging/vector-rhel9@sha256:b07163c181a3b0b5e10837b9e89a25aed8b501fd1b33c56d89188f10fd939616_ppc64le as a component of RHOL 6.1 for RHEL 9 | openshift-logging/vector-rhel9@sha256:b07163c181a3b0b5e10837b9e89a25aed8b501fd1b33c56d89188f10fd939616_ppc64le, *, * |
| Red Hat | openshift-logging/log-file-metric-exporter-rhel9@sha256:5bf2cd46cacfe5e0ff6c8cf6223113df1fd48cdc0f3307c2dd9727fb4e8e09b1_s390x as a component of RHOL 6.1 for RHEL 9 | openshift-logging/log-file-metric-exporter-rhel9@sha256:5bf2cd46cacfe5e0ff6c8cf6223113df1fd48cdc0f3307c2dd9727fb4e8e09b1_s390x, openshift-logging/log-file-metric-exporter-rhel9@sha256:5bf2cd46cacfe5e0ff6c8cf6223113df1fd48cdc0f3307c2dd9727fb4e8e09b1_s390x, openshift-logging/log-file-metric-exporter-rhel9@sha256:5bf2cd46cacfe5e0ff6c8cf6223113df1fd48cdc0f3307c2dd9727fb4e8e09b1_s390x |
| Red Hat | openshift-logging/lokistack-gateway-rhel9@sha256:d4a2c37167b17827a6d9efa5a01f0bfe06ab0f4fea21021961c92b1c8b751264_arm64 as a component of RHOL 6.1 for RHEL 9 | *, *, * |
| Red Hat | openshift-logging/opa-openshift-rhel9@sha256:c42d7348fd02ccf841bfeef35a104d8391fcf32afd6333ffbb0f13799ebd8bec_ppc64le as a component of RHOL 6.1 for RHEL 9 | openshift-logging/opa-openshift-rhel9@sha256:c42d7348fd02ccf841bfeef35a104d8391fcf32afd6333ffbb0f13799ebd8bec_ppc64le, *, openshift-logging/opa-openshift-rhel9@sha256:c42d7348fd02ccf841bfeef35a104d8391fcf32afd6333ffbb0f13799ebd8bec_ppc64le |
| Red Hat | openshift-logging/eventrouter-rhel9@sha256:0cf1c3992d210339cebe0312e39302096d393fd793dd7858420fc11d51ed0806_s390x as a component of RHOL 6.1 for RHEL 9 | openshift-logging/eventrouter-rhel9@sha256:0cf1c3992d210339cebe0312e39302096d393fd793dd7858420fc11d51ed0806_s390x, openshift-logging/eventrouter-rhel9@sha256:0cf1c3992d210339cebe0312e39302096d393fd793dd7858420fc11d51ed0806_s390x, * |
| Red Hat | openshift-logging/logging-loki-rhel9@sha256:21e98efab453533dbead455bdfe248fc4b8c1a6dfda148318895d9fb9a8afb7e_s390x as a component of RHOL 6.1 for RHEL 9 | openshift-logging/logging-loki-rhel9@sha256:21e98efab453533dbead455bdfe248fc4b8c1a6dfda148318895d9fb9a8afb7e_s390x, *, openshift-logging/logging-loki-rhel9@sha256:21e98efab453533dbead455bdfe248fc4b8c1a6dfda148318895d9fb9a8afb7e_s390x |
| Red Hat | openshift-logging/vector-rhel9@sha256:b07163c181a3b0b5e10837b9e89a25aed8b501fd1b33c56d89188f10fd939616_ppc64le as a component of RHOL 6.1 for RHEL 9 | openshift-logging/vector-rhel9@sha256:b07163c181a3b0b5e10837b9e89a25aed8b501fd1b33c56d89188f10fd939616_ppc64le, *, openshift-logging/vector-rhel9@sha256:b07163c181a3b0b5e10837b9e89a25aed8b501fd1b33c56d89188f10fd939616_ppc64le |
| Red Hat | openshift-logging/eventrouter-rhel9@sha256:08e42d7980780340549efeb583fa58af8091772a27d0d3854436a91f5c80d226_amd64 as a component of RHOL 6.1 for RHEL 9 | *, openshift-logging/eventrouter-rhel9@sha256:08e42d7980780340549efeb583fa58af8091772a27d0d3854436a91f5c80d226_amd64, * |
| Red Hat | openshift-logging/logging-loki-rhel9@sha256:c9ba52ab354ba6ba6ea07bd83ca70359d7d7dcce59fcab8347015ab4a33be2a8_ppc64le as a component of RHOL 6.1 for RHEL 9 | *, openshift-logging/logging-loki-rhel9@sha256:c9ba52ab354ba6ba6ea07bd83ca70359d7d7dcce59fcab8347015ab4a33be2a8_ppc64le, openshift-logging/logging-loki-rhel9@sha256:c9ba52ab354ba6ba6ea07bd83ca70359d7d7dcce59fcab8347015ab4a33be2a8_ppc64le |
| Red Hat | openshift-logging/cluster-logging-operator-bundle@sha256:8ff77eeae069d78708d243efa1d0fcb81307fe2f927335a44f559ab6d5bcd260_amd64 as a component of RHOL 6.1 for RHEL 9 | *, openshift-logging/cluster-logging-operator-bundle@sha256:8ff77eeae069d78708d243efa1d0fcb81307fe2f927335a44f559ab6d5bcd260_amd64, openshift-logging/cluster-logging-operator-bundle@sha256:8ff77eeae069d78708d243efa1d0fcb81307fe2f927335a44f559ab6d5bcd260_amd64 |
| Red Hat | openshift-logging/vector-rhel9@sha256:275912d20e6e84f6c8343208b6a45611686b59b5909de4510ebdafeba47992de_s390x as a component of RHOL 6.1 for RHEL 9 | openshift-logging/vector-rhel9@sha256:275912d20e6e84f6c8343208b6a45611686b59b5909de4510ebdafeba47992de_s390x, openshift-logging/vector-rhel9@sha256:275912d20e6e84f6c8343208b6a45611686b59b5909de4510ebdafeba47992de_s390x, openshift-logging/vector-rhel9@sha256:275912d20e6e84f6c8343208b6a45611686b59b5909de4510ebdafeba47992de_s390x |
…and 48 more
Timeline
- Apr 16, 2025 CVE Published
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- May 16, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2025:3907 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2354195 issue
- https://issues.redhat.com/browse/LOG-6991 advisory
- https://issues.redhat.com/browse/LOG-6996 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3907.json advisory
- https://access.redhat.com/security/cve/CVE-2025-30204 advisory
- https://www.cve.org/CVERecord?id=CVE-2025-30204 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-30204 advisory
- https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3 advisory
- https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp advisory
- https://pkg.go.dev/vuln/GO-2025-3553 advisory