Lucene search
RedHatRHSA-2023:7555HistoryNov 28, 2023 - 5:50 p.m.
(RHSA-2023:7555) Important: OpenShift API for Data Protection (OADP) 1.3.0 security update
2023-11-2817:50:06
access.redhat.com
11
openshift
oadp
security update
backup
restore
persistent volumes
cve-2023-44487
cve-2023-39325
ddos
cve-2023-45142
OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.
Security Fix(es):
-
golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)
-
HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
-
opentelemetry: DoS vulnerability in otelhttp (CVE-2023-45142)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Related
redhat
redhat
rocky
rocky
go-toolset:rhel8 security update
2023-10-24 18:35:47
toolbox security update
2023-11-11 23:00:15
grafana security update
2023-10-24 18:35:47
nessus
nessus
RHEL 8 : openshift-pipelines-client (RHSA-2023:6781)
2024-04-28 00:00:00
CentOS 7 : rhc-worker-script enhancement and (RHSA-2023:5835)
2023-12-22 00:00:00
RHEL 8 : openshift-gitops-kam (RHSA-2023:6243)
2024-04-28 00:00:00
oraclelinux
oraclelinux
olcne security update
2023-12-07 00:00:00
grafana security update
2023-10-20 00:00:00
grafana security update
2023-10-20 00:00:00
ibm
ibm
Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes API server security vulnerabilities (CVE-2023-39325 and CVE-2023-44487)
2023-12-08 09:00:02
redhatcve
redhatcve
almalinux
almalinux
Important: go-toolset:rhel8 security update
2023-10-16 00:00:00
Moderate: grafana security update
2023-10-18 00:00:00
Moderate: grafana security update
2023-10-18 00:00:00
osv
osv
Moderate: toolbox security update
2023-10-24 00:00:00
Moderate: toolbox security update
2023-11-11 23:00:15
Traefik vulnerable to HTTP/2 request causing denial of service
2023-10-17 02:37:42
github
github
Traefik vulnerable to HTTP/2 request causing denial of service
2023-10-17 02:37:42
openvas
openvas
openSUSE: Security Advisory for go1.21 (SUSE-SU-2023:4069-1)
2024-03-04 00:00:00
openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:4068-1)
2024-03-04 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1082)
2024-01-09 00:00:00
freebsd
freebsd
traefik -- Resource exhaustion by malicious HTTP/2 client
2023-10-10 00:00:00
ubuntucve
ubuntucve
nvd
nvd
amazon
amazon
Important: golang
2023-10-16 13:45:00
Important: golang
2023-10-16 13:45:00
Important: amazon-cloudwatch-agent
2024-01-19 01:51:00
cve
cve
cvelist
cvelist
vulnrichment
vulnrichment
prion
prion
Design/Logic Flaw
2023-10-12 17:15:00
fedora
fedora
[SECURITY] Fedora 39 Update: golang-1.21.3-1.fc39
2023-11-03 19:02:38
[SECURITY] Fedora 37 Update: golang-1.20.10-3.fc37
2023-10-29 01:47:29
[SECURITY] Fedora 38 Update: golang-1.20.10-2.fc38
2023-10-29 01:34:45
cbl_mariner
cbl_mariner
CVE-2023-45142 affecting package kubernetes for versions less than 1.29.1-2
2024-03-19 17:21:46
CVE-2023-45142 affecting package opa for versions less than 0.63.0-1
2024-04-10 21:48:40
CVE-2023-45142 affecting package prometheus for versions less than 2.45.4-1
2024-04-17 22:02:46
gitlab
gitlab
Allocation of Resources Without Limits or Throttling
2023-10-16 00:00:00
Allocation of Resources Without Limits or Throttling
2023-10-16 00:00:00
Allocation of Resources Without Limits or Throttling
2023-10-16 00:00:00
veracode
veracode
Denial Of Service
2023-10-13 12:27:54
alpinelinux
alpinelinux
CVE-2023-45142
2023-10-12 17:15:09
wolfi
wolfi
CVE-2023-45142 vulnerabilities
2024-06-25 15:33:25
cgr
cgr
CVE-2023-45142 vulnerabilities
2024-05-19 03:07:16