Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update
🔗 CVE IDs covered (11)
📋 Description
- CVE-2023-26159 — follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()
- CVE-2023-26364 — css-tools: Improper Input Validation causes Denial of Service via Regular Expression
- CVE-2023-39326 — golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests
- CVE-2023-45286 — go-resty: HTTP request body disclosure in github.com/go-resty/resty/v2
- CVE-2023-45287 — golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges.
- CVE-2023-45288 — golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS
- CVE-2023-45857 — axios: exposure of confidential data stored in cookies
- CVE-2023-48631 — css-tools: regular expression denial of service (ReDoS) when parsing CSS
- CVE-2024-24786 — golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON
- CVE-2024-28849 — follow-redirects: Possible credential leak
- CVE-2024-29180 — webpack-dev-middleware: lack of URL validation may lead to file leak
🔗 References (51)
- self: https://access.redhat.com/errata/RHSA-2024:3316
- external: https://access.redhat.com/security/updates/classification/#important
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2248979
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2250364
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2252012
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2253193
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2253330
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2254559
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2256413
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2268046
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2268273
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2269576
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2270863
- external: https://issues.redhat.com/browse/MTA-1578
- external: https://issues.redhat.com/browse/MTA-1959
- external: https://issues.redhat.com/browse/MTA-1961
- external: https://issues.redhat.com/browse/MTA-1970
- external: https://issues.redhat.com/browse/MTA-1997
- external: https://issues.redhat.com/browse/MTA-2003
- external: https://issues.redhat.com/browse/MTA-2117
- external: https://issues.redhat.com/browse/MTA-2186
- external: https://issues.redhat.com/browse/MTA-2224
- external: https://issues.redhat.com/browse/MTA-2243
- external: https://issues.redhat.com/browse/MTA-2287
- external: https://issues.redhat.com/browse/MTA-2308
- external: https://issues.redhat.com/browse/MTA-2314
- external: https://issues.redhat.com/browse/MTA-2341
- external: https://issues.redhat.com/browse/MTA-2380
- external: https://issues.redhat.com/browse/MTA-2400
- external: https://issues.redhat.com/browse/MTA-2409
- external: https://issues.redhat.com/browse/MTA-2410
- external: https://issues.redhat.com/browse/MTA-2426
- external: https://issues.redhat.com/browse/MTA-2427
- external: https://issues.redhat.com/browse/MTA-2451
- external: https://issues.redhat.com/browse/MTA-2452
- external: https://issues.redhat.com/browse/MTA-2495
- external: https://issues.redhat.com/browse/MTA-2503
- external: https://issues.redhat.com/browse/MTA-2505
- external: https://issues.redhat.com/browse/MTA-2512
- external: https://issues.redhat.com/browse/MTA-2513
- external: https://issues.redhat.com/browse/MTA-2518
- external: https://issues.redhat.com/browse/MTA-2550
- external: https://issues.redhat.com/browse/MTA-2560
- external: https://issues.redhat.com/browse/MTA-2563
- external: https://issues.redhat.com/browse/MTA-2616
- external: https://issues.redhat.com/browse/MTA-2652
- external: https://issues.redhat.com/browse/MTA-2654
- external: https://issues.redhat.com/browse/MTA-2661
- external: https://issues.redhat.com/browse/MTA-2681
- external: https://issues.redhat.com/browse/MTA-2781
- self: https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3316.json