RHSA-2024:9485HighCVSS 7.5

Red Hat Security Advisory: Control plane Operators for RHOSO 18.0.3 (Feature Release 1) security update

Published
November 13, 2024
Last Modified
July 11, 2026

🔗 CVE IDs covered (8)

📋 Description

CVE-2023-45289 — golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect CVE-2023-45290 — golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm CVE-2024-24783 — golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm CVE-2024-24784 — golang: net/mail: comments in display names are incorrectly handled CVE-2024-24785 — golang: html/template: errors returned from MarshalJSON methods may break template escaping CVE-2024-24788 — golang: net: malformed DNS message can cause infinite loop CVE-2024-34155 — go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion CVE-2024-34156 — encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

🔗 References (61)