What is RHSA-2024:10852?

RHSA-2024:10852 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: RHOAI 2.16.0 - Red Hat OpenShift AI

Which CVE IDs does RHSA-2024:10852 cover?

RHSA-2024:10852 covers the following CVE IDs: CVE-2024-10963, CVE-2024-24786, CVE-2024-49767, CVE-2024-3596. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2024:10852?

RHSA-2024:10852 has a CVSS v3 base score of 9.0, published by Red Hat Product Security.

RHSA-2024:10852HighCVSS 9.0

Red Hat Security Advisory: RHOAI 2.16.0 - Red Hat OpenShift AI

Vendor

Red Hat Product Security

Published

December 5, 2024

Last Modified

May 30, 2026

🔗 CVE IDs covered (4)

CVE-2024-10963 →CVE-2024-24786 →CVE-2024-49767 →CVE-2024-3596 →

📋 Description

CVE-2024-3596 — freeradius: forgery attack CVE-2024-10963 — pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass CVE-2024-24786 — golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON CVE-2024-49767 — werkzeug: python-werkzeug: Werkzeug possible resource exhaustion when parsing file data in forms

🔗 References (8)

selfhttps://access.redhat.com/errata/RHSA-2024:10852
externalhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/
externalhttps://access.redhat.com/security/cve/CVE-2024-49767
externalhttps://access.redhat.com/security/cve/CVE-2024-3596
externalhttps://access.redhat.com/security/cve/CVE-2024-24786
externalhttps://access.redhat.com/security/cve/CVE-2024-10963
externalhttps://access.redhat.com/security/updates/classification/
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10852.json