RHSA-2024:3635 | High | CVSS 8.8

Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update

Published: June 5, 2024
Last Modified: May 23, 2026

🔗 CVE IDs covered (8)

📋 Description

CVE-2023-48795 — ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
CVE-2024-22201 — jetty: stop accepting new connections from valid clients
CVE-2024-23899 — jenkins-2-plugins: git-server plugin arbitrary file read vulnerability
CVE-2024-23900 — jenkins-2-plugins: matrix-project plugin path traversal vulnerability
CVE-2024-24786 — golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON
CVE-2024-28149 — jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin
CVE-2024-34144 — jenkins-plugin/script-security: sandbox bypass via crafted constructor bodies
CVE-2024-34145 — jenkins-plugin/script-security: sandbox bypass via sandbox-defined classes
