RHSA-2024:1812MediumCVSS 7.5
Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.12.1-376 Bug Fixes
🔗 CVE IDs covered (3)
📋 Description
CVE-2023-39326 — golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests CVE-2023-47108 — opentelemetry-go-contrib: DoS vulnerability in otelgrpc due to unbound cardinality metrics CVE-2024-28180 — jose-go: improper handling of highly compressed data
🔗 References (11)
- selfhttps://access.redhat.com/errata/RHSA-2024:1812
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://access.redhat.com/security/cve/CVE-2024-28180
- externalhttps://access.redhat.com/security/cve/CVE-2023-47108
- externalhttps://access.redhat.com/security/cve/CVE-2023-39326
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2251198
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2253330
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2268854
- externalhttps://issues.redhat.com/browse/OCPBUGS-25806
- externalhttps://issues.redhat.com/browse/OCPBUGS-30145
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1812.json