Red Hat Bug Fix Advisory: Red Hat Developer Hub 1.3.0 release
🔗 CVE IDs covered (11)
📋 Description
CVE-2024-4067 — micromatch: vulnerable to Regular Expression Denial of Service CVE-2024-4068 — braces: fails to limit the number of characters it can handle CVE-2024-21529 — dset: Prototype Pollution CVE-2024-24790 — golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses CVE-2024-24791 — net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-35255 — azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity CVE-2024-37891 — urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-39008 — fast-loops: prototype pollution via objectMergeDeep CVE-2024-39249 — nodejs-async: Regular expression denial of service while parsing function in autoinject CVE-2024-43796 — express: Improper Input Handling in Express Redirects CVE-2024-43800 — serve-static: Improper Sanitization in serve-static