RHSA-2024:9620HighCVSS 8.2
Red Hat Security Advisory: OpenShift Container Platform 4.14.41 bug fix and security update
🔗 CVE IDs covered (4)
📋 Description
CVE-2024-6508 — openshift-console: OAuth2 insufficient state parameter entropy CVE-2024-7409 — QEMU: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure CVE-2024-47875 — dompurify: nesting-based mutation XSS vulnerability CVE-2024-48910 — dompurify: DOMPurify vulnerable to tampering by prototype pollution
🔗 References (21)
- selfhttps://access.redhat.com/errata/RHSA-2024:9620
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2295777
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2302487
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2318052
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2322949
- externalhttps://issues.redhat.com/browse/OCPBUGS-42111
- externalhttps://issues.redhat.com/browse/OCPBUGS-43490
- externalhttps://issues.redhat.com/browse/OCPBUGS-43647
- externalhttps://issues.redhat.com/browse/OCPBUGS-43980
- externalhttps://issues.redhat.com/browse/OCPBUGS-43981
- externalhttps://issues.redhat.com/browse/OCPBUGS-44002
- externalhttps://issues.redhat.com/browse/OCPBUGS-44048
- externalhttps://issues.redhat.com/browse/OCPBUGS-44095
- externalhttps://issues.redhat.com/browse/OCPBUGS-44107
- externalhttps://issues.redhat.com/browse/OCPBUGS-44213
- externalhttps://issues.redhat.com/browse/OCPBUGS-44295
- externalhttps://issues.redhat.com/browse/OCPBUGS-44304
- externalhttps://issues.redhat.com/browse/OCPBUGS-44360
- externalhttps://issues.redhat.com/browse/OCPBUGS-44379
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9620.json