RHSA-2023:1486HighCVSS 10.0
Red Hat Security Advisory: Red Hat Gluster Storage web-admin-build security update
🔗 CVE IDs covered (5)
📋 Description
CVE-2022-24790 — puma-5.6.4: http request smuggling vulnerabilities CVE-2022-30122 — rubygem-rack: crafted multipart POST request may cause a DoS CVE-2022-30123 — rubygem-rack: crafted requests can cause shell escape sequences CVE-2022-31129 — moment: inefficient parsing algorithm resulting in DoS CVE-2022-31163 — rubygem-tzinfo: arbitrary code execution
🔗 References (8)
- selfhttps://access.redhat.com/errata/RHSA-2023:1486
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2071616
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2099519
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2099524
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2105075
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2110551
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1486.json