VDB

RHSA-2025%3A3973

RHSA-2025%3A3973 PUBLISHED CVSS 5.900000095367432 MEDIUM

A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.

Risk Scores

CVSS 3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatcontainer-native-virtualization/cluster-network-addons-operator-rhel9@sha256:8be81317a62550832b4eb68aed1460620079b1cc5c0da4b981a01aed5810b2c3_amd64 as a component of CNV 4.16 for RHEL 9*, *
Red Hatcontainer-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:3cbe86e9f825a7b7136335c9e94dbfbb85dac8c67dbe77ad5cb2fae515963370_amd64 as a component of CNV 4.16 for RHEL 9*, *
Red Hatcontainer-native-virtualization/virt-cdi-cloner-rhel9@sha256:ee20a3bf0273be64cf62e9a7ddc647058c20eda1fc4a12b97bf96a74f50e9538_amd64 as a component of CNV 4.16 for RHEL 9*
Red Hatcontainer-native-virtualization/virt-api-rhel9@sha256:e619df94c6b1736d92b8e33543f50b912cdd34c309384af18b08d58906d480b2_arm64 as a component of CNV 4.16 for RHEL 9container-native-virtualization/virt-api-rhel9@sha256:e619df94c6b1736d92b8e33543f50b912cdd34c309384af18b08d58906d480b2_arm64
Red Hatcontainer-native-virtualization/multus-dynamic-networks-rhel9@sha256:837d81d3d80bd08e1bf5f8be6ded4393101b78efab4f8f94b5f3b558e5e57d20_arm64 as a component of CNV 4.16 for RHEL 9*, *
Red Hatcontainer-native-virtualization/multus-dynamic-networks-rhel9@sha256:837d81d3d80bd08e1bf5f8be6ded4393101b78efab4f8f94b5f3b558e5e57d20_arm64 as a component of CNV 4.16 for RHEL 9*
Red Hatcontainer-native-virtualization/libguestfs-tools-rhel9@sha256:ea9349926bc0415d8c092637a26bedd995293850b4a17c3bbac18d1bf1942d04_arm64 as a component of CNV 4.16 for RHEL 9*, *
Red Hatcontainer-native-virtualization/mtq-operator-rhel9@sha256:588ca925e639ad1662a73c45062bada9295d804ac62797fc91dc2e65e3de64ad_arm64 as a component of CNV 4.16 for RHEL 9*
Red Hatcontainer-native-virtualization/virt-operator-rhel9@sha256:5bfc8b466707596e73456986ab1edd54c7e414ba2358e8b071f7ece80c71f8fa_amd64 as a component of CNV 4.16 for RHEL 9container-native-virtualization/virt-operator-rhel9@sha256:5bfc8b466707596e73456986ab1edd54c7e414ba2358e8b071f7ece80c71f8fa_amd64
Red Hatcontainer-native-virtualization/kubevirt-storage-checkup-rhel9@sha256:0e6bd537934ad198b1b8c3346a6a44abdc5ac8062a6f239e1ce13cf4a875c092_arm64 as a component of CNV 4.16 for RHEL 9*, *
Red Hatcontainer-native-virtualization/libguestfs-tools-rhel9@sha256:9f3d7afbe5746fa6641dbb513794ddc61fae3d795f7fa5e1809791355d77777a_amd64 as a component of CNV 4.16 for RHEL 9container-native-virtualization/libguestfs-tools-rhel9@sha256:9f3d7afbe5746fa6641dbb513794ddc61fae3d795f7fa5e1809791355d77777a_amd64
Red Hatcontainer-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:7ae29d47466ce974455ccd73908326c1e087674e7619c683e0a3b05c31d2afff_arm64 as a component of CNV 4.16 for RHEL 9container-native-virtualization/kubevirt-ssp-operator-rhel9@sha256:7ae29d47466ce974455ccd73908326c1e087674e7619c683e0a3b05c31d2afff_arm64
Red Hatcontainer-native-virtualization/virt-cdi-importer-rhel9@sha256:40801946d71d0a8ae84a0941f79652451d73fd289429330d5525aea27270e1c0_arm64 as a component of CNV 4.16 for RHEL 9*
Red Hatcontainer-native-virtualization/wasp-agent-rhel9@sha256:bea6d4fd1ff0fbcfde5cddb0eab46f8ff55651496bc99f4d301000ed94d7baea_arm64 as a component of CNV 4.16 for RHEL 9*
Red Hatcontainer-native-virtualization/kubevirt-console-plugin-rhel9@sha256:fcfbd52d609a582da1f28a80b5fbff60b4b3e441b03e30f5383b3d67fb58b845_amd64 as a component of CNV 4.16 for RHEL 9container-native-virtualization/kubevirt-console-plugin-rhel9@sha256:fcfbd52d609a582da1f28a80b5fbff60b4b3e441b03e30f5383b3d67fb58b845_amd64
Red Hatcontainer-native-virtualization/virt-exportserver-rhel9@sha256:34dcced345d2ce57d4270f338b0bab5ae4baa7692fa308abd7a3652e64554cc6_amd64 as a component of CNV 4.16 for RHEL 9*, *
Red Hatcontainer-native-virtualization/hyperconverged-cluster-operator-rhel9@sha256:3fd9e637f55f7c894f020d7984cc6fe46b78e11ece404ba8e5e6eda2af3310b4_amd64 as a component of CNV 4.16 for RHEL 9*
Red Hatcontainer-native-virtualization/hyperconverged-cluster-webhook-rhel9@sha256:6b9a4e20f363ea5f7e46d238ed64bfdc2efeed90b45e59f05604aa0c4e12b53d_amd64 as a component of CNV 4.16 for RHEL 9*
Red Hatcontainer-native-virtualization/virt-api-rhel9@sha256:e619df94c6b1736d92b8e33543f50b912cdd34c309384af18b08d58906d480b2_arm64 as a component of CNV 4.16 for RHEL 9*, *
Red Hatcontainer-native-virtualization/virt-cdi-apiserver-rhel9@sha256:efe6822bced3a98ad5bf7a8701d0ad66f4d4505fb31030a3a34eef94df8aa44f_arm64 as a component of CNV 4.16 for RHEL 9container-native-virtualization/virt-cdi-apiserver-rhel9@sha256:efe6822bced3a98ad5bf7a8701d0ad66f4d4505fb31030a3a34eef94df8aa44f_arm64

…and 197 more

Timeline

  • Apr 17, 2025 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Jul 5, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›