What is RHSA-2024:8677?

RHSA-2024:8677 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.6 security update

What is the CVSS v3 score of RHSA-2024:8677?

RHSA-2024:8677 has a CVSS v3 base score of 7.5, published by Red Hat Product Security.

RHSA-2024:8677HighCVSS 7.5

Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.6 security update

Vendor

Red Hat Product Security

Published

October 30, 2024

Last Modified

May 26, 2026

🔗 CVE IDs covered (7)

CVE-2024-43799 →CVE-2024-43800 →CVE-2024-45590 →CVE-2024-6104 →CVE-2024-24786 →CVE-2024-28849 →CVE-2024-43796 →

📋 Description

CVE-2024-6104 — go-retryablehttp: url might write sensitive information to log file CVE-2024-24786 — golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON CVE-2024-28849 — follow-redirects: Possible credential leak CVE-2024-43796 — express: Improper Input Handling in Express Redirects CVE-2024-43799 — send: Code Execution Vulnerability in Send Library CVE-2024-43800 — serve-static: Improper Sanitization in serve-static CVE-2024-45590 — body-parser: Denial of Service Vulnerability in body-parser

🔗 References (4)

selfhttps://access.redhat.com/errata/RHSA-2024:8677
externalhttps://access.redhat.com/security/updates/classification/#important
externalhttps://issues.redhat.com/browse/GITOPS-4234
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8677.json