client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`; not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.
Metrics
No CVSS v4.0
Attack Vector Network
Attack Complexity Low
Privileges Required None
Scope Unchanged
Confidentiality Impact None
Integrity Impact None
Availability Impact High
User Interaction None
No CVSS v3.0
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
AV:N/AC:L/Au:N/C:N/I:N/A:P
This CVE is not in the KEV list.
Key SSVC decision points have not yet been added.
Affected Vendors & Products
Vendors | Products |
---|---|
Fedoraproject |
|
Prometheus |
|
Rdo Project |
|
Redhat |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
Configuration 3 [-]
|
Configuration 4 [-]
|
Configuration 5 [-]
|
Package | CPE | Advisory | Released Date |
---|---|---|---|
Logging subsystem for Red Hat OpenShift 5.4 | |||
openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-163 | cpe:/a:redhat:logging:5.4::el8 | RHSA-2022:1461 | 2022-04-20T00:00:00Z |
openshift-logging/elasticsearch-rhel8-operator:v5.4.1-4 | cpe:/a:redhat:logging:5.4::el8 | RHSA-2022:2216 | 2022-05-11T00:00:00Z |
OADP-1.0-RHEL-8 | |||
oadp/oadp-registry-rhel8:1.0.4-6 | cpe:/a:redhat:openshift_api_data_protection:1.0::el8 | RHSA-2022:6430 | 2022-09-13T00:00:00Z |
oadp/oadp-mustgather-rhel8:1.0.5-20 | cpe:/a:redhat:openshift_api_data_protection:1.0::el8 | RHSA-2022:7261 | 2022-10-31T00:00:00Z |
oadp/oadp-rhel8-operator:1.0.5-16 | cpe:/a:redhat:openshift_api_data_protection:1.0::el8 | RHSA-2022:7261 | 2022-10-31T00:00:00Z |
OADP-1.1-RHEL-8 | |||
oadp/oadp-velero-plugin-rhel8:1.1.0-20 | cpe:/a:redhat:openshift_api_data_protection:1.1::el8 | RHSA-2022:6290 | 2022-09-01T00:00:00Z |
oadp/oadp-velero-rhel8:1.1.6-7 | cpe:/a:redhat:openshift_api_data_protection:1.1::el8 | RHSA-2023:5314 | 2023-09-20T00:00:00Z |
OpenShift Logging 5.2 | |||
openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-168 | cpe:/a:redhat:logging:5.2::el8 | RHSA-2022:2218 | 2022-05-11T00:00:00Z |
openshift-logging/elasticsearch-rhel8-operator:v5.2.10-5 | cpe:/a:redhat:logging:5.2::el8 | RHSA-2022:2218 | 2022-05-11T00:00:00Z |
OpenShift Logging 5.3 | |||
openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-171 | cpe:/a:redhat:logging:5.3::el8 | RHSA-2022:2217 | 2022-05-11T00:00:00Z |
openshift-logging/elasticsearch-rhel8-operator:v5.3.7-5 | cpe:/a:redhat:logging:5.3::el8 | RHSA-2022:2217 | 2022-05-11T00:00:00Z |
Openshift Serveless 1.24 | |||
openshift-serverless-1/client-kn-rhel8:1.3.1-4 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-controller-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-kafka-broker-controller-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-kafka-broker-post-install-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-kafka-broker-webhook-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-mtbroker-filter-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-mtbroker-ingress-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-mtchannel-broker-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-mtping-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-storage-version-migration-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-sugar-controller-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/eventing-webhook-rhel8:1.3.2-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/ingress-rhel8-operator:1.24.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/knative-rhel8-operator:1.24.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/kn-cli-artifacts-rhel8:1.3.1-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/kourier-control-rhel8:1.3.0-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/net-istio-controller-rhel8:1.3.0-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/net-istio-webhook-rhel8:1.3.0-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/serverless-operator-bundle:1.24.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/serverless-rhel8-operator:1.24.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/serving-activator-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/serving-autoscaler-hpa-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/serving-autoscaler-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/serving-controller-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/serving-domain-mapping-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/serving-domain-mapping-webhook-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/serving-queue-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/serving-storage-version-migration-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/serving-webhook-rhel8:1.3.0-3 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1/svls-must-gather-rhel8:1.24.0-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8:1.3.2-2 | cpe:/a:redhat:serverless:1.24::el8 | RHSA-2022:6040 | 2022-08-10T00:00:00Z |
Openshift Serverless 1 on RHEL 8 | |||
openshift-serverless-clients-0:1.3.1-4.el8 | cpe:/a:redhat:serverless:1.0::el8 | RHSA-2022:6042 | 2022-08-10T00:00:00Z |
Red Hat Enterprise Linux 8 | |||
container-tools:rhel8-8060020220401155929.2e213529 | cpe:/a:redhat:enterprise_linux:8 | RHSA-2022:1762 | 2022-05-10T00:00:00Z |
grafana-0:7.5.15-3.el8 | cpe:/a:redhat:enterprise_linux:8 | RHSA-2022:7519 | 2022-11-08T00:00:00Z |
container-tools:3.0-8070020220802115906.39077419 | cpe:/a:redhat:enterprise_linux:8 | RHSA-2022:7529 | 2022-11-08T00:00:00Z |
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | |||
container-tools:3.0-8040020240104111259.c0c392d5 | cpe:/a:redhat:rhel_aus:8.4 | RHSA-2024:0564 | 2024-01-30T00:00:00Z |
Red Hat Enterprise Linux 8.4 Telecommunications Update Service | |||
container-tools:3.0-8040020240104111259.c0c392d5 | cpe:/a:redhat:rhel_tus:8.4 | RHSA-2024:0564 | 2024-01-30T00:00:00Z |
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | |||
container-tools:3.0-8040020240104111259.c0c392d5 | cpe:/a:redhat:rhel_e4s:8.4 | RHSA-2024:0564 | 2024-01-30T00:00:00Z |
Red Hat Enterprise Linux 9 | |||
grafana-0:7.5.15-3.el9 | cpe:/a:redhat:enterprise_linux:9 | RHSA-2022:8057 | 2022-11-15T00:00:00Z |
Red Hat OpenShift Container Platform 3.11 | |||
atomic-openshift-dockerregistry-0:3.11.705-1.g0fa231c.el7 | cpe:/a:redhat:openshift:3.11::el7 | RHSA-2022:2280 | 2022-05-31T00:00:00Z |
Red Hat OpenShift Container Platform 4.10 | |||
openshift4/kubernetes-nmstate-rhel8-operator:v4.10.0-202207291908.p0.g5f0b20d.assembly.stream | cpe:/a:redhat:openshift:4.10::el8 | RHBA-2022:5876 | 2022-08-09T00:00:00Z |
openshift4/ose-kubernetes-nmstate-handler-rhel8:v4.10.0-202207291908.p0.g5f0b20d.assembly.stream | cpe:/a:redhat:openshift:4.10::el8 | RHBA-2022:5876 | 2022-08-09T00:00:00Z |
openshift4/ose-openstack-machine-controllers:v4.10.0-202204090935.p0.g12df76b.assembly.stream | cpe:/a:redhat:openshift:4.10::el8 | RHSA-2022:1356 | 2022-04-21T00:00:00Z |
Red Hat OpenShift Container Platform 4.11 | |||
buildah-1:1.23.4-2.el8 | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5068 | 2022-08-10T00:00:00Z |
openshift-clients-0:4.11.0-202207291716.p0.g7075089.assembly.stream.el8 | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5068 | 2022-08-10T00:00:00Z |
openshift4/ose-alibaba-disk-csi-driver-operator-container-rhel8:v4.11.0-202208020235.p0.gf70a51b.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-alibaba-machine-controllers-rhel8:v4.11.0-202208020235.p0.g4145108.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.11.0-202208020235.p0.g2c7529e.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-aws-pod-identity-webhook-rhel8:v4.11.0-202208020235.p0.ga085f1c.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-azure-disk-csi-driver-rhel8:v4.11.0-202208020235.p0.g0fe424e.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.11.0-202208020235.p0.gc4197c3.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-azure-file-csi-driver-operator-rhel8:v4.11.0-202208020235.p0.gcbe7044.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-azure-file-csi-driver-rhel8:v4.11.0-202208020235.p0.g67c3831.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-baremetal-machine-controllers:v4.11.0-202208020235.p0.ga65be86.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cloud-credential-operator:v4.11.0-202208020235.p0.g9a40d74.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-autoscaler-operator:v4.11.0-202208020706.p0.gfcffbcd.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-capi-operator-container-rhel8:v4.11.0-202208020235.p0.g1a88f55.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-capi-rhel8-operator:v4.11.0-202208020235.p0.g1a88f55.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.11.0-202208020235.p0.gc2f2cbf.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.11.0-202208020706.p0.g8d0774f.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-etcd-rhel8-operator:v4.11.0-202208020235.p0.gbcae2f3.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-image-registry-operator:v4.11.0-202208020235.p0.g4d66ea3.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-kube-controller-manager-operator:v4.11.0-202208020235.p0.ga6cb428.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-kube-scheduler-operator:v4.11.0-202208020235.p0.gb8fed26.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-monitoring-operator:v4.11.0-202208020235.p0.gfcc377d.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-network-operator:v4.11.0-202208020235.p0.g3528a6b.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-node-tuning-operator:v4.11.0-202208020235.p0.ga7921b7.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-openshift-controller-manager-operator:v4.11.0-202208020235.p0.g0315835.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-policy-controller-rhel8:v4.11.0-202208020235.p0.gc7201ed.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-samples-operator:v4.11.0-202208020235.p0.g375a4a9.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-cluster-storage-operator:v4.11.0-202208020235.p0.gce8a6de.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-configmap-reloader:v4.11.0-202208020235.p0.gb7c03bb.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-console:v4.11.0-202208021257.p0.ge0d49a2.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-csi-driver-manila-rhel8-operator:v4.11.0-202208020235.p0.g12cb253.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-csi-driver-nfs-rhel8:v4.11.0-202208020235.p0.gf144bb4.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-csi-driver-shared-resource-operator-rhel8:v4.11.0-202208020706.p0.gd3985eb.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-csi-driver-shared-resource-rhel8:v4.11.0-202208020235.p0.g3f69f2f.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-csi-external-provisioner:v4.11.0-202208020235.p0.g86277ec.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-csi-external-provisioner-rhel8:v4.11.0-202208020235.p0.g86277ec.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-csi-external-resizer:v4.11.0-202208020235.p0.g2cea576.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-csi-external-resizer-rhel8:v4.11.0-202208020235.p0.g2cea576.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-csi-snapshot-controller:v4.11.0-202208020235.p0.g0afdf73.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-csi-snapshot-controller-rhel8:v4.11.0-202208020235.p0.g0afdf73.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-docker-builder:v4.11.0-202208020235.p0.gb500d85.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-docker-registry:v4.11.0-202208020235.p0.g9f07f43.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.11.0-202208020235.p0.gbc7bad4.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-haproxy-router:v4.11.0-202208020235.p0.g601ba57.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-ibmcloud-machine-controllers-rhel8:v4.11.0-202208020235.p0.g3bde969.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8:v4.11.0-202208020235.p0.ge4a2180.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-kube-state-metrics:v4.11.0-202208020235.p0.g896d000.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-machine-api-operator:v4.11.0-202208020235.p0.g4e3e83c.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-machine-config-operator:v4.11.0-202208020235.p0.ge722bb7.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-network-metrics-daemon-rhel8:v4.11.0-202208020235.p0.g9482ac9.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-openshift-controller-manager-rhel8:v4.11.0-202208020235.p0.g46157a3.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-openshift-state-metrics-rhel8:v4.11.0-202208020235.p0.g1a7a5dc.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.11.0-202208020235.p0.gae4c45c.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-openstack-machine-controllers:v4.11.0-202208020235.p0.g440ca42.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-operator-lifecycle-manager:v4.11.0-202208020235.p0.g8c2bd46.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-operator-marketplace:v4.11.0-202208020235.p0.g040c64e.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-prometheus:v4.11.0-202208020235.p0.gd2dfc27.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-prometheus-alertmanager:v4.11.0-202208020235.p0.g05cfc39.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-prometheus-operator:v4.11.0-202208020235.p0.gcb3afa2.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-sdn-rhel8:v4.11.0-202208020235.p0.gb76d388.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-telemeter:v4.11.0-202208020235.p0.g77b2966.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-tests:v4.11.0-202208020706.p0.gb860532.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-thanos-rhel8:v4.11.0-202208020235.p0.gf08da2d.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.11.0-202208020235.p0.g9914824.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-vsphere-cloud-controller-manager-rhel8:v4.11.0-202208020235.p0.g6fd8e8d.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.11.0-202208020235.p0.g9914824.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ose-vsphere-problem-detector-rhel8:v4.11.0-202208020235.p0.g5910f33.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ovirt-csi-driver-rhel7:v4.11.0-202208020235.p0.g0b3d79b.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ovirt-csi-driver-rhel8:v4.11.0-202208020235.p0.g0b3d79b.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/ovirt-csi-driver-rhel8-operator:v4.11.0-202208020235.p0.g7a30e38.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5069 | 2022-08-10T00:00:00Z |
openshift4/cloud-event-proxy-rhel8:v4.11.0-202208020706.p0.g642796d.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5070 | 2022-08-10T00:00:00Z |
openshift4/ose-cloud-event-proxy:v4.11.0-202208020706.p0.g642796d.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5070 | 2022-08-10T00:00:00Z |
openshift4/ose-cloud-event-proxy-rhel8:v4.11.0-202208020706.p0.g642796d.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:5070 | 2022-08-10T00:00:00Z |
openshift4/ose-sriov-network-webhook:v4.11.0-202209130958.p0.gb4f9fbd.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2022:6537 | 2022-09-20T00:00:00Z |
openshift4/ose-operator-sdk-rhel8:v4.11.0-202301241446.p0.g1974dfd.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2023:0566 | 2023-02-07T00:00:00Z |
openshift4/ose-helm-operator:v4.11.0-202302061916.p0.g1974dfd.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2023:0652 | 2023-02-15T00:00:00Z |
openshift4/ose-baremetal-rhel8-operator:v4.11.0-202303061754.p0.g55cd252.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2023:1158 | 2023-03-14T00:00:00Z |
openshift4/ose-multus-admission-controller:v4.11.0-202304192028.p0.gb876064.assembly.stream | cpe:/a:redhat:openshift:4.11::el8 | RHSA-2023:2014 | 2023-05-02T00:00:00Z |
Red Hat OpenShift Container Platform 4.12 | |||
openshift4/ose-alibaba-cloud-controller-manager-rhel8:v4.12.0-202301042354.p0.g1959de0.assembly.stream | cpe:/a:redhat:openshift:4.12::el8 | RHSA-2022:7399 | 2023-01-17T00:00:00Z |
openshift4/ose-aws-ebs-csi-driver-rhel8:v4.12.0-202301042354.p0.g1584117.assembly.stream | cpe:/a:redhat:openshift:4.12::el8 | RHSA-2022:7399 | 2023-01-17T00:00:00Z |
openshift4/ose-gcp-cloud-controller-manager-rhel8:v4.12.0-202301042354.p0.g8d208a7.assembly.stream | cpe:/a:redhat:openshift:4.12::el8 | RHSA-2022:7399 | 2023-01-17T00:00:00Z |
openshift4/ose-gcp-pd-csi-driver-rhel8:v4.12.0-202301042354.p0.g223d846.assembly.stream | cpe:/a:redhat:openshift:4.12::el8 | RHSA-2022:7399 | 2023-01-17T00:00:00Z |
openshift4/ose-ibm-vpc-block-csi-driver-rhel8:v4.12.0-202301042354.p0.g2364e6a.assembly.stream | cpe:/a:redhat:openshift:4.12::el8 | RHSA-2022:7399 | 2023-01-17T00:00:00Z |
openshift4-wincw/windows-machine-config-rhel8-operator:7.0.0-22 | cpe:/a:redhat:openshift:4.12::el8 | RHSA-2022:9096 | 2023-01-30T00:00:00Z |
Red Hat OpenShift Container Platform 4.13 | |||
openshift4/ose-alibaba-cloud-csi-driver-container-rhel8:v4.13.0-202304190216.p0.g68c0ecf.assembly.stream | cpe:/a:redhat:openshift:4.13::el8 | RHSA-2023:1326 | 2023-05-17T00:00:00Z |
openshift4/ose-installer:v4.13.0-202305091542.p0.g44db7b2.assembly.stream | cpe:/a:redhat:openshift:4.13::el8 | RHSA-2023:1326 | 2023-05-17T00:00:00Z |
openshift4/ose-multus-admission-controller:v4.13.0-202304190216.p0.gd6d52a7.assembly.stream | cpe:/a:redhat:openshift:4.13::el8 | RHSA-2023:1326 | 2023-05-17T00:00:00Z |
openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.13.0-202304190216.p0.g6f4295b.assembly.stream | cpe:/a:redhat:openshift:4.13::el8 | RHSA-2023:1326 | 2023-05-17T00:00:00Z |
Red Hat OpenShift Data Foundation 4.11 on RHEL8 | |||
odf4/ocs-rhel8-operator:v4.11.0-67 | cpe:/a:redhat:openshift_data_foundation:4.11::el8 | RHSA-2022:6156 | 2022-08-24T00:00:00Z |
odf4/odf-lvm-rhel8-operator:v4.11.0-39 | cpe:/a:redhat:openshift_data_foundation:4.11::el8 | RHSA-2022:6156 | 2022-08-24T00:00:00Z |
odf4/odf-rhel8-operator:v4.11.0-27 | cpe:/a:redhat:openshift_data_foundation:4.11::el8 | RHSA-2022:6156 | 2022-08-24T00:00:00Z |
Red Hat OpenShift Dev Spaces 3 Containers | |||
devspaces/configbump-rhel8:3.15-2 | cpe:/a:redhat:openshift_devspaces:3::el8 | RHSA-2024:4631 | 2024-07-18T00:00:00Z |
devspaces/devspaces-rhel8-operator:3.15-10 | cpe:/a:redhat:openshift_devspaces:3::el8 | RHSA-2024:4631 | 2024-07-18T00:00:00Z |
Red Hat OpenStack Platform 16.1 | |||
etcd-0:3.3.23-10.el8ost | cpe:/a:redhat:openstack:16.1::el8 | RHSA-2022:6066 | 2022-08-15T00:00:00Z |
Red Hat OpenStack Platform 16.2 | |||
etcd-0:3.3.23-10.el8ost | cpe:/a:redhat:openstack:16.2::el8 | RHSA-2022:6061 | 2022-08-15T00:00:00Z |
RHEL-7-CNV-4.10 | |||
kubevirt-0:4.10.1-489.el7 | cpe:/a:redhat:container_native_virtualization:4.10::el7 | RHSA-2022:4667 | 2022-05-18T00:00:00Z |
RHEL-8 based Middleware Containers | |||
amq7/amq-broker-rhel8-operator:7.12.0-16 | cpe:/a:redhat:rhosemc:1.0::el8 | RHSA-2024:2944 | 2024-05-21T00:00:00Z |
amq7/amq-broker-rhel8-operator-bundle:7.12.0-10 | cpe:/a:redhat:rhosemc:1.0::el8 | RHSA-2024:2944 | 2024-05-21T00:00:00Z |
RHEL-8-CNV-4.10 | |||
kubevirt-0:4.10.1-489.el8 | cpe:/a:redhat:container_native_virtualization:4.10::el8 | RHSA-2022:4667 | 2022-05-18T00:00:00Z |
container-native-virtualization/hostpath-provisioner-rhel8:v4.10.1-5 | cpe:/a:redhat:container_native_virtualization:4.10::el8 | RHSA-2022:4668 | 2022-05-18T00:00:00Z |
container-native-virtualization/hostpath-provisioner-rhel8-operator:v4.10.1-6 | cpe:/a:redhat:container_native_virtualization:4.10::el8 | RHSA-2022:4668 | 2022-05-18T00:00:00Z |
container-native-virtualization/hyperconverged-cluster-webhook-rhel8:v4.10.1-19 | cpe:/a:redhat:container_native_virtualization:4.10::el8 | RHSA-2022:4668 | 2022-05-18T00:00:00Z |
container-native-virtualization/kubevirt-template-validator:v4.10.1-4 | cpe:/a:redhat:container_native_virtualization:4.10::el8 | RHSA-2022:4668 | 2022-05-18T00:00:00Z |
container-native-virtualization/libguestfs-tools:v4.10.1-8 | cpe:/a:redhat:container_native_virtualization:4.10::el8 | RHSA-2022:4668 | 2022-05-18T00:00:00Z |
container-native-virtualization/virt-cdi-cloner:v4.10.1-16 | cpe:/a:redhat:container_native_virtualization:4.10::el8 | RHSA-2022:4668 | 2022-05-18T00:00:00Z |
container-native-virtualization/virt-launcher:v4.10.1-8 | cpe:/a:redhat:container_native_virtualization:4.10::el8 | RHSA-2022:4668 | 2022-05-18T00:00:00Z |
container-native-virtualization/hostpath-csi-driver:v4.10.2-1 | cpe:/a:redhat:container_native_virtualization:4.10::el8 | RHSA-2022:5026 | 2022-06-14T00:00:00Z |
container-native-virtualization/hostpath-csi-driver-rhel8:v4.10.2-1 | cpe:/a:redhat:container_native_virtualization:4.10::el8 | RHSA-2022:5026 | 2022-06-14T00:00:00Z |
container-native-virtualization/kubernetes-nmstate-handler-rhel8:v4.10.2-3 | cpe:/a:redhat:container_native_virtualization:4.10::el8 | RHSA-2022:5026 | 2022-06-14T00:00:00Z |
RHEL-8-CNV-4.11 | |||
container-native-virtualization/cluster-network-addons-operator:v4.11.0-26 | cpe:/a:redhat:container_native_virtualization:4.11::el8 | RHSA-2022:6526 | 2022-09-14T00:00:00Z |
container-native-virtualization/kubemacpool:v4.11.0-26 | cpe:/a:redhat:container_native_virtualization:4.11::el8 | RHSA-2022:6526 | 2022-09-14T00:00:00Z |
RHOL-5.5-RHEL-8 | |||
openshift-logging/cluster-logging-rhel8-operator:v5.5.0-57 | cpe:/a:redhat:logging:5.5::el8 | RHSA-2022:6051 | 2022-08-18T00:00:00Z |
openshift-logging/eventrouter-rhel8:v0.4.0-14 | cpe:/a:redhat:logging:5.5::el8 | RHSA-2022:6051 | 2022-08-18T00:00:00Z |
openshift-logging/log-file-metric-exporter-rhel8:v1.1.0-38 | cpe:/a:redhat:logging:5.5::el8 | RHSA-2022:6051 | 2022-08-18T00:00:00Z |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2022-02-15T00:00:00
Updated: 2024-08-03T02:53:34.814Z
Reserved: 2021-11-16T00:00:00
Link: CVE-2022-21698
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-02-15T16:15:08.527
Modified: 2024-11-21T06:45:15.423
Link: CVE-2022-21698
Redhat