Lucene search
RedHatRHSA-2024:4836HistoryJul 24, 2024 - 4:16 p.m.
(RHSA-2024:4836) Moderate: RHACS 4.5 enhancement and security update
2024-07-2416:16:52
access.redhat.com
4
rhacs 4.5
vulnerability management
compliance updates
email notifier
pki
network policy
cve-2024-28849
cve-2024-29903
CVSS3
8.6
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.004
Percentile
75.3%
Release of RHACS 4.5 provides these changes:
New features:
- Scanner V4 is generally available
- Vulnerability Management 2.0 is generally available
- Compliance updates
- Built-in email notifier in RHACS Cloud Service
- roxctl installation GitHub action
- Bring your own PKI for signature verification
- Build-time network policy tools updates
- Enhanced RHACS Cloud Service experience
This releases updates the following items to patch vulnerabilities:
- (CVE-2024-28849) The
follow-redirectmodule was updated to 1.15.6. - (CVE-2024-29903) Updated
cosignto 2.2.4. - (CVE-2024-29902) Updated
cosignto 2.2.4.
For more information on new features and other details, see https://docs.openshift.com/acs/4.5/release_notes/45-release-notes.html.
Related
openvas
openvas
openSUSE: Security Advisory for cosign (SUSE-SU-2024:1486-2)
2024-08-20 00:00:00
openSUSE: Security Advisory for cosign (SUSE-SU-2024:1486-1)
2024-08-20 00:00:00
Huawei EulerOS: Security Advisory for less (EulerOS-SA-2024-1888)
2024-07-16 00:00:00
nessus
nessus
Debian dla-3823 : less - security update
2024-05-27 00:00:00
RHEL 8 : less (RHSA-2024:4256)
2024-07-02 00:00:00
EulerOS Virtualization 2.10.0 : less (EulerOS-SA-2024-2121)
2024-08-19 00:00:00
osv
osv
less - security update
2024-05-03 00:00:00
less - security update
2024-05-27 00:00:00
Important: less security update
2024-07-02 00:00:00
debian
debian
[SECURITY] [DSA 5679-1] less security update
2024-05-03 21:12:55
[SECURITY] [DLA 3823-1] less security update
2024-05-27 19:50:55
almalinux
almalinux
Important: less security update
2024-07-02 00:00:00
oraclelinux
oraclelinux
less security update
2024-07-02 00:00:00
redhat
redhat
(RHSA-2024:4697) Moderate: Red Hat build of Cryostat security update
2024-07-22 10:10:07
(RHSA-2024:4721) Moderate: nodejs security update
2024-07-23 08:25:08
(RHSA-2024:2780) Important: nodejs:18 security update
2024-05-09 05:32:23
github
github
Cosign malicious artifacts can cause machine-wide DoS
2024-04-11 17:15:46
Cosign malicious attachments can cause system-wide denial of service
2024-04-11 17:05:01
follow-redirects' Proxy-Authorization header kept across hosts
2024-03-14 17:19:42
vulnrichment
vulnrichment
veracode
veracode
Denial Of Service (DoS)
2024-04-15 08:56:33
Denial Of Service (DOS)
2024-04-15 09:02:51
Credential Leakage
2024-03-18 04:38:05
cgr
cgr
CVE-2024-29902 vulnerabilities
2024-05-19 03:07:16
CVE-2024-29903 vulnerabilities
2024-05-19 03:07:16
CVE-2024-28849 vulnerabilities
2024-05-19 03:07:16
wolfi
wolfi
CVE-2024-29902 vulnerabilities
2024-09-16 09:11:41
CVE-2024-29903 vulnerabilities
2024-09-16 09:11:41
CVE-2024-28849 vulnerabilities
2024-09-16 09:11:41
nvd
nvd
cve
cve
alpinelinux
alpinelinux
redhatcve
redhatcve
cvelist
cvelist
ibm
ibm
Security Bulletin: IBM Decision Optimization for Cloud Pak for Data may be vulnerable to a remote attacker (CVE-2024-28849)
2024-04-30 07:36:22
fedora
fedora
[SECURITY] Fedora 40 Update: c-ares-1.28.1-1.fc40
2024-04-19 21:40:06
[SECURITY] Fedora 40 Update: pgadmin4-8.4-2.fc40
2024-03-23 00:52:38
[SECURITY] Fedora 39 Update: c-ares-1.28.1-1.fc39
2024-04-16 02:26:25
cbl_mariner
cbl_mariner
CVE-2024-28849 affecting package reaper for versions less than 3.1.1-9
2024-06-06 19:53:22
ubuntucve
ubuntucve
CVE-2024-28849
2024-03-14 00:00:00
debiancve
debiancve
CVE-2024-28849
2024-03-14 17:15:52
mageia
mageia
Updated c-ares packages fix security vulnerabilitie
2024-02-28 08:47:52
ubuntu
ubuntu
c-ares vulnerability
2024-03-06 00:00:00
rocky
rocky
nodejs:18 security update
2024-05-09 18:51:51
nodejs:18 security update
2024-05-09 18:50:42
amazon
amazon
Important: less
2024-05-23 22:04:00
slackware
slackware
[slackware-security] less
2024-04-14 18:39:08
CVSS3
8.6
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.004
Percentile
75.3%
Related for RHSA-2024:4836