RHSA-2024:4484HighCVSS 8.1
Red Hat Security Advisory: OpenShift Container Platform 4.13.45 bug fix and security update
🔗 CVE IDs covered (5)
📋 Description
CVE-2023-45288 — golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-48795 — ssh: Prefix truncation attack on Binary Packet Protocol (BPP) CVE-2024-5037 — openshift/telemeter: iss check during JWT authentication can be bypassed CVE-2024-6387 — openssh: regreSSHion - race condition in SSH allows RCE/DoS CVE-2024-28180 — jose-go: improper handling of highly compressed data
🔗 References (18)
- selfhttps://access.redhat.com/errata/RHSA-2024:4484
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2254210
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2268273
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2268854
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2272339
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2294604
- externalhttps://issues.redhat.com/browse/OCPBUGS-32015
- externalhttps://issues.redhat.com/browse/OCPBUGS-34422
- externalhttps://issues.redhat.com/browse/OCPBUGS-35077
- externalhttps://issues.redhat.com/browse/OCPBUGS-35380
- externalhttps://issues.redhat.com/browse/OCPBUGS-35562
- externalhttps://issues.redhat.com/browse/OCPBUGS-35857
- externalhttps://issues.redhat.com/browse/OCPBUGS-35976
- externalhttps://issues.redhat.com/browse/OCPBUGS-35990
- externalhttps://issues.redhat.com/browse/OCPBUGS-36501
- externalhttps://issues.redhat.com/browse/OCPBUGS-36551
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4484.json