What is RHEA-2024:1366?

RHEA-2024:1366 is a security advisory published by Red Hat Product Security with High severity. Red Hat Enhancement Advisory: Red Hat Developer Hub 1.1 release

What is the CVSS v3 score of RHEA-2024:1366?

RHEA-2024:1366 has a CVSS v3 base score of 9.8, published by Red Hat Product Security.

RHEA-2024:1366HighCVSS 9.8

Red Hat Enhancement Advisory: Red Hat Developer Hub 1.1 release

Vendor

Red Hat Product Security

Published

March 18, 2024

Last Modified

May 23, 2026

🔗 CVE IDs covered (7)

CVE-2023-45143 →CVE-2023-48631 →CVE-2023-50728 →CVE-2023-26159 →CVE-2023-39325 →CVE-2023-42282 →CVE-2023-44487 →

📋 Description

CVE-2023-26159 — follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse() CVE-2023-39325 — golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) CVE-2023-42282 — nodejs-ip: arbitrary code execution via the isPublic() function CVE-2023-44487 — HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) CVE-2023-45143 — node-undici: cookie leakage CVE-2023-48631 — css-tools: regular expression denial of service (ReDoS) when parsing CSS CVE-2023-50728 — octopost/webhooks: uncaught exception

🔗 References (3)

selfhttps://access.redhat.com/errata/RHEA-2024:1366
externalhttps://access.redhat.com/documentation/en-us/red_hat_developer_hub/1.1
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhea-2024_1366.json