VDB

RHSA-2025%3A8691

RHSA-2025%3A8691 PUBLISHED CVSS 5.400000095367432 MEDIUM

A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed (LF) instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to send hidden or unauthorized requests.

Risk Scores

CVSS 3.1
5.400000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

Affected Products

VendorProductVersions
Red Hatrhacm2/nettest-rhel9@sha256:4f2aee7f7c6b338bd2346a20388b546d7a1aa02e84b7abadc1e926b201ec4d97_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9rhacm2/nettest-rhel9@sha256:4f2aee7f7c6b338bd2346a20388b546d7a1aa02e84b7abadc1e926b201ec4d97_ppc64le, rhacm2/nettest-rhel9@sha256:4f2aee7f7c6b338bd2346a20388b546d7a1aa02e84b7abadc1e926b201ec4d97_ppc64le, rhacm2/nettest-rhel9@sha256:4f2aee7f7c6b338bd2346a20388b546d7a1aa02e84b7abadc1e926b201ec4d97_ppc64le
Red Hatrhacm2/submariner-rhel9-operator@sha256:50dae447651e1752431208c46c50568066fcb6dc8ca3a405d7c0f4f4b8aecfd3_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9*, rhacm2/submariner-rhel9-operator@sha256:50dae447651e1752431208c46c50568066fcb6dc8ca3a405d7c0f4f4b8aecfd3_s390x, *
Red Hatrhacm2/lighthouse-agent-rhel9@sha256:f551c0c21d76bd9d1bf22a3451baad512ead453464a4a6d56feb7a2c706060e0_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9rhacm2/lighthouse-agent-rhel9@sha256:f551c0c21d76bd9d1bf22a3451baad512ead453464a4a6d56feb7a2c706060e0_amd64, rhacm2/lighthouse-agent-rhel9@sha256:f551c0c21d76bd9d1bf22a3451baad512ead453464a4a6d56feb7a2c706060e0_amd64, rhacm2/lighthouse-agent-rhel9@sha256:f551c0c21d76bd9d1bf22a3451baad512ead453464a4a6d56feb7a2c706060e0_amd64
Red Hatrhacm2/submariner-route-agent-rhel9@sha256:b4cb56207415dba58e26dbd0c20ab03bd7d373ed4dbe38afff625c09b0c34045_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9*, *, rhacm2/submariner-route-agent-rhel9@sha256:b4cb56207415dba58e26dbd0c20ab03bd7d373ed4dbe38afff625c09b0c34045_s390x
Red Hatrhacm2/submariner-operator-bundle@sha256:0afb3c827adda79c353e8d1e8c5295f93c866558c6c1f5c6ff0d6e532e103152_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9*, rhacm2/submariner-operator-bundle@sha256:0afb3c827adda79c353e8d1e8c5295f93c866558c6c1f5c6ff0d6e532e103152_ppc64le, rhacm2/submariner-operator-bundle@sha256:0afb3c827adda79c353e8d1e8c5295f93c866558c6c1f5c6ff0d6e532e103152_ppc64le
Red Hatrhacm2/submariner-globalnet-rhel9@sha256:ac3c412a954d413a94477f6d8fe0b6ed8106be8ad5f18a3d025ed6f2e7c92e39_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9rhacm2/submariner-globalnet-rhel9@sha256:ac3c412a954d413a94477f6d8fe0b6ed8106be8ad5f18a3d025ed6f2e7c92e39_arm64, *, rhacm2/submariner-globalnet-rhel9@sha256:ac3c412a954d413a94477f6d8fe0b6ed8106be8ad5f18a3d025ed6f2e7c92e39_arm64
Red Hatrhacm2/submariner-globalnet-rhel9@sha256:4da2c708f36e002ace1a968269b7cdc7e1d230bc479b9adeb72f1fd01fc47126_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9rhacm2/submariner-globalnet-rhel9@sha256:4da2c708f36e002ace1a968269b7cdc7e1d230bc479b9adeb72f1fd01fc47126_s390x, *, *
Red Hatrhacm2/submariner-gateway-rhel9@sha256:464177ebc6dbf5dec0358624c06ae0c878987bdb14773572ae78628ef2d0d850_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9rhacm2/submariner-gateway-rhel9@sha256:464177ebc6dbf5dec0358624c06ae0c878987bdb14773572ae78628ef2d0d850_arm64, rhacm2/submariner-gateway-rhel9@sha256:464177ebc6dbf5dec0358624c06ae0c878987bdb14773572ae78628ef2d0d850_arm64, *
Red Hatrhacm2/submariner-operator-bundle@sha256:90505e5ffaee7af330306c4e045d3755e0c74d30b9f45e1e7739c205d945872d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9rhacm2/submariner-operator-bundle@sha256:90505e5ffaee7af330306c4e045d3755e0c74d30b9f45e1e7739c205d945872d_amd64, rhacm2/submariner-operator-bundle@sha256:90505e5ffaee7af330306c4e045d3755e0c74d30b9f45e1e7739c205d945872d_amd64, rhacm2/submariner-operator-bundle@sha256:90505e5ffaee7af330306c4e045d3755e0c74d30b9f45e1e7739c205d945872d_amd64
Red Hatrhacm2/lighthouse-agent-rhel9@sha256:2a9db14fa216426d95d202069e5760c42c69cf9103b4c5329750fbb6d82c75e9_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9*, *, rhacm2/lighthouse-agent-rhel9@sha256:2a9db14fa216426d95d202069e5760c42c69cf9103b4c5329750fbb6d82c75e9_s390x
Red Hatrhacm2/submariner-rhel9-operator@sha256:f6ac444edb3e2520dd9d8bdd02d6a601799f147e78076b131d0c79fa45a91549_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9*, rhacm2/submariner-rhel9-operator@sha256:f6ac444edb3e2520dd9d8bdd02d6a601799f147e78076b131d0c79fa45a91549_ppc64le, rhacm2/submariner-rhel9-operator@sha256:f6ac444edb3e2520dd9d8bdd02d6a601799f147e78076b131d0c79fa45a91549_ppc64le
Red Hatrhacm2/submariner-globalnet-rhel9@sha256:4da2c708f36e002ace1a968269b7cdc7e1d230bc479b9adeb72f1fd01fc47126_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9rhacm2/submariner-globalnet-rhel9@sha256:4da2c708f36e002ace1a968269b7cdc7e1d230bc479b9adeb72f1fd01fc47126_s390x, rhacm2/submariner-globalnet-rhel9@sha256:4da2c708f36e002ace1a968269b7cdc7e1d230bc479b9adeb72f1fd01fc47126_s390x, rhacm2/submariner-globalnet-rhel9@sha256:4da2c708f36e002ace1a968269b7cdc7e1d230bc479b9adeb72f1fd01fc47126_s390x
Red Hatrhacm2/lighthouse-coredns-rhel9@sha256:70746910e44b2eb8b06540fd8f04d47ff7f81fb8d6306cb4320e45d313d20e06_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9rhacm2/lighthouse-coredns-rhel9@sha256:70746910e44b2eb8b06540fd8f04d47ff7f81fb8d6306cb4320e45d313d20e06_arm64, rhacm2/lighthouse-coredns-rhel9@sha256:70746910e44b2eb8b06540fd8f04d47ff7f81fb8d6306cb4320e45d313d20e06_arm64, rhacm2/lighthouse-coredns-rhel9@sha256:70746910e44b2eb8b06540fd8f04d47ff7f81fb8d6306cb4320e45d313d20e06_arm64
Red Hatrhacm2/submariner-globalnet-rhel9@sha256:ac3c412a954d413a94477f6d8fe0b6ed8106be8ad5f18a3d025ed6f2e7c92e39_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9rhacm2/submariner-globalnet-rhel9@sha256:ac3c412a954d413a94477f6d8fe0b6ed8106be8ad5f18a3d025ed6f2e7c92e39_arm64, rhacm2/submariner-globalnet-rhel9@sha256:ac3c412a954d413a94477f6d8fe0b6ed8106be8ad5f18a3d025ed6f2e7c92e39_arm64, rhacm2/submariner-globalnet-rhel9@sha256:ac3c412a954d413a94477f6d8fe0b6ed8106be8ad5f18a3d025ed6f2e7c92e39_arm64
Red Hatrhacm2/nettest-rhel9@sha256:cb76796c20f623626a910d7e91a3f532e3859374241409413b9d73f78a02cb2c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9rhacm2/nettest-rhel9@sha256:cb76796c20f623626a910d7e91a3f532e3859374241409413b9d73f78a02cb2c_s390x, rhacm2/nettest-rhel9@sha256:cb76796c20f623626a910d7e91a3f532e3859374241409413b9d73f78a02cb2c_s390x, rhacm2/nettest-rhel9@sha256:cb76796c20f623626a910d7e91a3f532e3859374241409413b9d73f78a02cb2c_s390x
Red Hatrhacm2/subctl-rhel9@sha256:b6149d811167a0dce536c965ce40b895a4cb1a9f164bc76f6cc3a935ab31a5f0_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9rhacm2/subctl-rhel9@sha256:b6149d811167a0dce536c965ce40b895a4cb1a9f164bc76f6cc3a935ab31a5f0_amd64, rhacm2/subctl-rhel9@sha256:b6149d811167a0dce536c965ce40b895a4cb1a9f164bc76f6cc3a935ab31a5f0_amd64, rhacm2/subctl-rhel9@sha256:b6149d811167a0dce536c965ce40b895a4cb1a9f164bc76f6cc3a935ab31a5f0_amd64
Red Hatrhacm2/lighthouse-coredns-rhel9@sha256:b48943833247d310361a59aa94ae763dee54969d9dff878215ca026775d8a4d4_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9rhacm2/lighthouse-coredns-rhel9@sha256:b48943833247d310361a59aa94ae763dee54969d9dff878215ca026775d8a4d4_ppc64le, *, *
Red Hatrhacm2/lighthouse-coredns-rhel9@sha256:d9b9c13df0d49620d7250690e73d4c0c46943c87df518b00241c7f4902a9c6df_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9rhacm2/lighthouse-coredns-rhel9@sha256:d9b9c13df0d49620d7250690e73d4c0c46943c87df518b00241c7f4902a9c6df_amd64, *, rhacm2/lighthouse-coredns-rhel9@sha256:d9b9c13df0d49620d7250690e73d4c0c46943c87df518b00241c7f4902a9c6df_amd64
Red Hatrhacm2/lighthouse-agent-rhel9@sha256:5c4b37026e58b2076c283e7c8a6c0a10f19409d348c7273d7c90f4faaea75724_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9rhacm2/lighthouse-agent-rhel9@sha256:5c4b37026e58b2076c283e7c8a6c0a10f19409d348c7273d7c90f4faaea75724_arm64, rhacm2/lighthouse-agent-rhel9@sha256:5c4b37026e58b2076c283e7c8a6c0a10f19409d348c7273d7c90f4faaea75724_arm64, rhacm2/lighthouse-agent-rhel9@sha256:5c4b37026e58b2076c283e7c8a6c0a10f19409d348c7273d7c90f4faaea75724_arm64
Red Hatrhacm2/submariner-route-agent-rhel9@sha256:39208ace7f2a9bd72696d0b38a7ccaf28631a86aedcbaa8b95f656a2d53b69db_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9*, rhacm2/submariner-route-agent-rhel9@sha256:39208ace7f2a9bd72696d0b38a7ccaf28631a86aedcbaa8b95f656a2d53b69db_ppc64le, rhacm2/submariner-route-agent-rhel9@sha256:39208ace7f2a9bd72696d0b38a7ccaf28631a86aedcbaa8b95f656a2d53b69db_ppc64le

…and 52 more

Exploit Intelligence

Timeline

  • Jun 9, 2025 CVE Published
  • Apr 24, 2026 Distribution Patch
  • Apr 24, 2026 Distribution Patch
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • May 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›