Headline
RHSA-2023:3305: Red Hat Security Advisory: OpenShift Container Platform 4.13.1 security and extras update
Red Hat OpenShift Container Platform release 4.13.1 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2023-05-30
Updated:
2023-05-30
RHSA-2023:3305 - Security Advisory
- Overview
- Updated Images
Synopsis
Moderate: OpenShift Container Platform 4.13.1 security and extras update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4.13.1 is now available with updates to packages and images that fix several bugs.
This release includes a security update for Red Hat OpenShift Container Platform 4.13.
Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.1. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2023:3304
Security Fix(es):
- net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html
Affected Products
- Red Hat OpenShift Container Platform 4.13 for RHEL 9 x86_64
- Red Hat OpenShift Container Platform 4.13 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform for Power 4.13 for RHEL 9 ppc64le
- Red Hat OpenShift Container Platform for Power 4.13 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 9 s390x
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 8 s390x
- Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 9 aarch64
- Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 8 aarch64
Fixes
- BZ - 2178358 - CVE-2022-41723 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding
- OCPBUGS-13284 - [GCP] worker node with Sriov operator installed fails to come up online after reboot
References
- https://access.redhat.com/security/updates/classification/#moderate
- https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html
aarch64
openshift4/frr-rhel8@sha256:80cdffccb419b65d5532b9ffdeea12d6cb6672e7ae44be5243f27c771f5eed08
openshift4/kubernetes-nmstate-rhel8-operator@sha256:79260e1b649a2ea8cd0376a89e2e1206fe6ebe4b5ea4b5151f07ced06ae22153
openshift4/metallb-rhel8-operator@sha256:54705785f43f8f9718d41acec5ed879ffcdc9335b1971a0e376dd7a2c8113af3
openshift4/ose-ansible-operator@sha256:8f7476bc09b15b6ab891b50bba6df1c264dc1b19b4900c3cee5fe9647259fa34
openshift4/ose-cluster-kube-descheduler-operator@sha256:25ac733fbdb3419f121b2e5a30a99cb012e03fb3f7df64bbdcb32ac8a97dcad3
openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:25ac733fbdb3419f121b2e5a30a99cb012e03fb3f7df64bbdcb32ac8a97dcad3
openshift4/ose-egress-dns-proxy@sha256:7d587bdc58526a29b3beaffc682ffca18d1a52eebcd0e5497bd728f10e7e1f87
openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:7af5c9aff562faf17c4ab1e302d1d1d7da193cff85c59e61ed00f454346be3d5
openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:6a2e6e1f06ae18dc23c5d6be4cd8219f376b16a33fce0c8d125c4941b4a76ae2
openshift4/ose-operator-sdk-rhel8@sha256:df6ba42e4ab0fbf45aedff1f4faa6e1aeb752560da24ebea322a4d0457c01c6a
openshift4/ose-ptp@sha256:5571045bd648e19e6331469d33e7a4b4f491eef2372adf866393d94ce113b2d7
openshift4/ose-ptp-operator@sha256:40342c0fc75f91d11da3cd5f3ca917692f534266379e18bf98ea9f8327e963a9
openshift4/ose-sriov-network-config-daemon@sha256:fde68d6aaf9d57229dc2e584e92074619f60672b608c70b8f734fd4f1d725dc4
openshift4/ose-sriov-network-operator@sha256:ce2a5799cbb178efe4097a5b1cbd3aab56b3762b72513bc8e764207e4201f116
openshift4/ose-sriov-network-webhook@sha256:f8f811eabb82dd79365e6bc020f12295a306cee3025c6cc6473be08e73528c3c
openshift4/ptp-must-gather-rhel8@sha256:6d0e6c88c9a668fd479a20d7e3ed08d017d0b9d4437718dc210dc7f3742f97cb
ppc64le
openshift4/frr-rhel8@sha256:fcf44a95569c639994af83f6e41ff095dff7d0146323b72306c9b20f81975b07
openshift4/kubernetes-nmstate-rhel8-operator@sha256:ff65d291d162474790220c66e4a8b81741937ef8d59ac830d5cbd1ef35ed74be
openshift4/metallb-rhel8-operator@sha256:cf11fb2446d8c8522397773d9a5c7901d6a162cc52507b5dc5345fb5c7c9cac6
openshift4/ose-ansible-operator@sha256:45cc2a7fbc5490761c39da214856a1a760257497d89befdd8dd44f7333e3620e
openshift4/ose-cluster-kube-descheduler-operator@sha256:aab3aab5ad246959da87d2f594c04388320431d0eb4d458309b0d7531f3a534e
openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aab3aab5ad246959da87d2f594c04388320431d0eb4d458309b0d7531f3a534e
openshift4/ose-egress-dns-proxy@sha256:5508cdcbf4cc03f60e74832df6f23de67242e6446cd26459100117b4bf6b03b4
openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:5e916a8714479d88eaa21a00ebc36235e24037062740f242138673655ae33967
openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:2e1170d7dc493e40614e74f227cb6a195a6583432cddcaca9a0f68be8972cc71
openshift4/ose-operator-sdk-rhel8@sha256:77ddb6267510fcf37f0a2db393ca3a3830de11f429beecf5ac59e3e2cccbd37a
openshift4/ose-ptp@sha256:baa7cb1fd61a422d5d57a56c319734d011f63626a8c1817d287542359c3216c9
openshift4/ose-ptp-operator@sha256:5c4af499a9239ee6e4321f5c57af44ea1205d05629df915d02e358e4ead3a215
openshift4/ose-sriov-network-config-daemon@sha256:dcb954309256290b1762e6fa75e4a76b1298109121ec0a216d485d390dc20707
openshift4/ose-sriov-network-operator@sha256:97b58b433da3854047ee90938fa8564de241ba47e65c4b7f9ae54edc510a1aee
openshift4/ose-sriov-network-webhook@sha256:9a30f1884053abf9ea722308f38e88dc689940d6b80f5c7767b38af90528b975
openshift4/ptp-must-gather-rhel8@sha256:fa076d07815b05a22c116564d612873851996aeb4eac4eadc12fd79702a18f9f
s390x
openshift4/frr-rhel8@sha256:27b61ff010a28c93a02e296c7bf702d4c9aa389e41663a91ac3e213c62ddb629
openshift4/kubernetes-nmstate-rhel8-operator@sha256:355336bc41b827b2021e989961da25aa7da8ae4dd6d474ab6f5d89a40c982135
openshift4/metallb-rhel8-operator@sha256:b83a8fa0b2c712d6ee7a96590965fbb4f951e2602a4fddc095bb33156c9449a3
openshift4/ose-ansible-operator@sha256:9682defec0ef3ebaf4bee80ec0bc9c7ed8af81b7863e50dfd7a74359a1916434
openshift4/ose-cluster-kube-descheduler-operator@sha256:e28acf63f4a08bbe0e851049f28c8db3c120b710afd4e86809bb186450688722
openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:e28acf63f4a08bbe0e851049f28c8db3c120b710afd4e86809bb186450688722
openshift4/ose-egress-dns-proxy@sha256:8334aaf295d4fa31f7877128831ddbdbde41eb5640639c4440c0d3cf9087dd3e
openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:0826de40720228ef462a963195a9239ccb1575eee06bbf5c567d83a0763852c6
openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:85ea0a1d1ebf8541f429d9241c170ea14e15c98b622b8654c0bb8ef52497d60f
openshift4/ose-operator-sdk-rhel8@sha256:bbd0d8538920be55408f4488b48ca1c7a833eb43d0a1ead37cd0d64952232cb2
x86_64
openshift4/frr-rhel8@sha256:8c1cb70c4570a3fca632e9b2845eb9f5cd566234230dc85384f7f911321c5850
openshift4/kubernetes-nmstate-rhel8-operator@sha256:e306d6295ecf2a892714c856af825eada4bc377dbe9bb763d3f945e6b36c9bac
openshift4/metallb-rhel8-operator@sha256:dca3ef36a6fe852f80d71940bb09fbe941c5c10e45c01b108c1c8b9eab3a5946
openshift4/ose-ansible-operator@sha256:a6f4ce2b8e07851083368fb2f1750a8ebe0bbc72b7adbbc1d79f8cf8462fa283
openshift4/ose-cluster-kube-descheduler-operator@sha256:b0d886706f648318cbf5a13cd0ffa0dde52c2966e42d7d99c5e8b7d344480a9a
openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b0d886706f648318cbf5a13cd0ffa0dde52c2966e42d7d99c5e8b7d344480a9a
openshift4/ose-egress-dns-proxy@sha256:59f6247d806c32b383688eef9fb79e1bf32c6d89ee6b0503b34429b46b1bf246
openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:02c1e57fc0ce6293245b80351b9513d6ebedfa4dfbe1860209e2373afed62f4d
openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:efcd9f87a94f688a3a7d5f1c35915e59bec90da95dc340c74d95bcb47963c304
openshift4/ose-operator-sdk-rhel8@sha256:3103ad9410312796b85e025de11c50b8adfe188fa3bc63b048ecf648a79ff798
openshift4/ose-ptp@sha256:90c63c7db27b383c4bae6a533ea986cafd2a5a45be6ae898c9adfd00da92fbb4
openshift4/ose-ptp-operator@sha256:cb9208a9cad811676480b51662f138651df55fe00df1d65af74be2e8261fcaa8
openshift4/ose-sriov-network-config-daemon@sha256:ff770b7ad7fba8a31af043a95a6dbe43ed342e2297d133bd4ed816b445b8d7af
openshift4/ose-sriov-network-operator@sha256:197595c3cd482f17de6918ed4e1c0054af9671eb873e220bfbb55bbb1963ba31
openshift4/ose-sriov-network-webhook@sha256:ffb2b15662d72699446d88e68f2d145964b83d337e2ee2b10c732ddd1c7462e5
openshift4/ptp-must-gather-rhel8@sha256:2777bc1acbc2f41eeef8cfaf5203e3e4d8b802d27668a1294a8e88fa8be129f7
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Red Hat Security Advisory 2024-4677-03 - Red Hat OpenShift Container Platform release 4.12.61 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-3352-03 - An update for etcd is now available for Red Hat OpenStack Platform 16.2. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-0198-03 - Red Hat OpenShift Container Platform release 4.12.47 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Security Advisory 2023-6251-01 - Red Hat OpenShift Virtualization release 4.11.7 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
Red Hat OpenShift Virtualization release 4.13.4 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.
Red Hat Security Advisory 2023-4627-01 - Migration Toolkit for Applications 6.2.0 Images. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.
cert-manager Operator for Red Hat OpenShift 1.10.3 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specia...
Red Hat Security Advisory 2023-4421-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.12.5 images.
Red Hat OpenShift Container Platform release 4.13.6 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number...
Red Hat OpenShift Container Platform release 4.13.6 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
Red Hat Security Advisory 2023-4091-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.5. Issues addressed include a denial of service vulnerability.
Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server c...
Red Hat OpenShift Service Mesh 2.2.8 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modu...
OpenShift API for Data Protection (OADP) 1.1.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in H...
Red Hat Security Advisory 2023-3614-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.4.
Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...
Red Hat Security Advisory 2023-3610-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, memory exhaustion, and resource exhaustion vulnerabilities.
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-46877: A flaw was found in Jackson Databind. This issue may allow a malicious user to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization. * CVE-2022-29599: A flaw was found in the maven-shared-utils package. This issue allows a Command...
Red Hat Security Advisory 2023-3495-01 - Logging Subsystem 5.7.2 - Red Hat OpenShift. Issues addressed include cross site scripting and denial of service vulnerabilities.
Red Hat Security Advisory 2023-3447-01 - An update for etcd is now available for Red Hat OpenStack Platform 16.1 (Train).
OpenShift Serverless version 1.29.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker ...
An update for etcd is now available for Red Hat OpenStack Platform 16.1 (Train). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-28235: A flaw was found in etcd, where etc-io could allow a remote attacker to gain elevated privileges on the system caused by a vulnerability in the debug function. By sending a specially crafted request, an attacker can gain elevated privileges. * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause e...
Red Hat Security Advisory 2023-3305-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.1.
OpenShift Serverless 1.29.0 has been released. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of serv...
Red Hat OpenShift Container Platform release 4.13.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2018-17419: The Miek Gieben DNS library is vulnerable to a denial of service caused by a segmentation violation in setTA in scan_rr.go. By persuading a victim to open a specially-crafted file, a ...
Red Hat Security Advisory 2023-3167-01 - New Red Hat build of Cryostat 2.3.0 on RHEL 8 container images have been released, adding a variety of features and bug fixes. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-1325-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, and information leakage vulnerabilities.
Red Hat Security Advisory 2023-1328-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include denial of service and out of bounds read vulnerabilities.
Red Hat Security Advisory 2023-1326-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, information leakage, out of bounds read, and remote SQL injection vulnerabilities.
New Red Hat build of Cryostat 2.3.0 on RHEL 8 container images are now availableThis content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition. * CVE-2022-41725: A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption...
Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4235: A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If p...
Red Hat Security Advisory 2023-1327-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.0.
A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.