RHBA-2024:7523HighCVSS 8.2

Red Hat Bug Fix Advisory: Red Hat Developer Hub 1.3.0 release

Published
October 2, 2024
Last Modified
July 14, 2026

🔗 CVE IDs covered (11)

📋 Description

CVE-2024-4067 — micromatch: vulnerable to Regular Expression Denial of Service CVE-2024-4068 — braces: fails to limit the number of characters it can handle CVE-2024-21529 — dset: Prototype Pollution CVE-2024-24790 — golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses CVE-2024-24791 — net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-35255 — azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity CVE-2024-37891 — urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-39008 — fast-loops: prototype pollution via objectMergeDeep CVE-2024-39249 — nodejs-async: Regular expression denial of service while parsing function in autoinject CVE-2024-43796 — express: Improper Input Handling in Express Redirects CVE-2024-43800 — serve-static: Improper Sanitization in serve-static

🔗 References (4)