Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:0308
HistoryJan 24, 2024 - 8:59 p.m.

(RHSA-2024:0308) Moderate: OpenShift Container Platform 4.11.57 packages and security update

2024-01-2420:59:59
access.redhat.com
13
openshift
kubernetes
cloud computing
security update
rpm packages
container images
haproxy
cvss score
cve page
upgrade
release channel
cli
web console
cluster upgrading.

9.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.5%

JSON

Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.57. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHSA-2024:0306

Security Fix(es):

  • haproxy: Proxy forwards malformed empty Content-Length headers
    (CVE-2023-40225)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html

OSVersionArchitecturePackageVersionFilename
RedHat8ppc64lecontainernetworking-plugins-debuginfo< 1.4.0-1.rhaos4.11.el8containernetworking-plugins-debuginfo-1.4.0-1.rhaos4.11.el8.ppc64le.rpm
RedHat8x86_64containernetworking-plugins< 1.4.0-1.rhaos4.11.el8containernetworking-plugins-1.4.0-1.rhaos4.11.el8.x86_64.rpm
RedHat8x86_64haproxy22< 2.2.24-4.rhaos4.11.el8haproxy22-2.2.24-4.rhaos4.11.el8.x86_64.rpm
RedHat8aarch64haproxy22< 2.2.24-4.rhaos4.11.el8haproxy22-2.2.24-4.rhaos4.11.el8.aarch64.rpm
RedHat8x86_64haproxy22-debuginfo< 2.2.24-4.rhaos4.11.el8haproxy22-debuginfo-2.2.24-4.rhaos4.11.el8.x86_64.rpm
RedHat8s390xhaproxy22< 2.2.24-4.rhaos4.11.el8haproxy22-2.2.24-4.rhaos4.11.el8.s390x.rpm
RedHat8aarch64containernetworking-plugins-debuginfo< 1.4.0-1.rhaos4.11.el8containernetworking-plugins-debuginfo-1.4.0-1.rhaos4.11.el8.aarch64.rpm
RedHat8aarch64containernetworking-plugins< 1.4.0-1.rhaos4.11.el8containernetworking-plugins-1.4.0-1.rhaos4.11.el8.aarch64.rpm
RedHat8ppc64lehaproxy22< 2.2.24-4.rhaos4.11.el8haproxy22-2.2.24-4.rhaos4.11.el8.ppc64le.rpm
RedHat8x86_64containernetworking-plugins-debugsource< 1.4.0-1.rhaos4.11.el8containernetworking-plugins-debugsource-1.4.0-1.rhaos4.11.el8.x86_64.rpm
Rows per page:
1-10 of 241

Related

nessus 26
openvas 11
cvelist 1
veracode 1
redos 1
ubuntu 2
alpinelinux 1
prion 1
ubuntucve 1
redhatcve 1
cve 1
mageia 1
redhat 6
osv 6
cgr 1
cbl_mariner 1
debiancve 1
wolfi 1
almalinux 1
debian 1
photon 3
oraclelinux 1
rosalinux 1
ibm 1
nessus
nessus
SUSE SLES15 Security Update : haproxy (SUSE-SU-2023:3490-1)
2023-08-31 00:00:00
RHEL 8 : OpenShift Container Platform 4.11.57 (RHSA-2024:0308)
2024-04-28 00:00:00
EulerOS 2.0 SP9 : haproxy (EulerOS-SA-2023-2878)
2024-01-16 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2023-3215)
2023-11-10 00:00:00
Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2023-3008)
2023-10-31 00:00:00
Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2023-2878)
2023-10-09 00:00:00
cvelist
cvelist
CVE-2023-40225
2023-08-10 00:00:00
veracode
veracode
HTTP Request Smuggling
2023-08-23 12:33:10
redos
redos
ROS-20240401-04
2024-04-01 00:00:00
ubuntu
ubuntu
HAProxy vulnerability
2023-08-17 00:00:00
HAProxy vulnerability
2023-08-16 00:00:00
alpinelinux
alpinelinux
CVE-2023-40225
2023-08-10 21:15:10
prion
prion
Cross site request forgery (csrf)
2023-08-10 21:15:00
ubuntucve
ubuntucve
CVE-2023-40225
2023-08-10 00:00:00
redhatcve
redhatcve
CVE-2023-40225
2023-08-15 19:49:16
cve
cve
CVE-2023-40225
2023-08-10 21:15:10
mageia
mageia
Updated haproxy packages fix security vulnerability
2023-11-20 13:04:11
redhat
redhat
(RHSA-2023:7606) Moderate: OpenShift Container Platform 4.13.25 packages and security update
2023-12-06 00:41:07
(RHSA-2024:0200) Moderate: OpenShift Container Platform 4.12.47 security update
2024-01-17 18:29:03
(RHSA-2024:1142) Moderate: haproxy security update
2024-03-05 15:32:23
osv
osv
CVE-2023-40225
2023-08-10 21:15:10
BIT-haproxy-2023-40225
2024-03-06 10:53:12
haproxy vulnerability
2023-08-17 14:53:13
cgr
cgr
CVE-2023-40225 vulnerabilities
2024-05-17 15:41:37
cbl_mariner
cbl_mariner
CVE-2023-40225 affecting package haproxy for versions less than 2.4.24-1
2023-08-30 14:44:06
debiancve
debiancve
CVE-2023-40225
2023-08-10 21:15:10
wolfi
wolfi
CVE-2023-40225 vulnerabilities
2024-05-17 16:29:45
almalinux
almalinux
Moderate: haproxy security update
2024-03-05 00:00:00
debian
debian
[SECURITY] [DSA 5590-1] haproxy security update
2023-12-28 12:46:56
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0455
2023-08-22 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0075
2023-08-21 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0637
2023-08-23 00:00:00
oraclelinux
oraclelinux
haproxy security update
2024-03-06 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2400
2024-04-17 13:35:24
ibm
ibm
Security Bulletin: Multiple Security Vulnerabilities were identified in IBM Security Verify Access.
2024-01-09 20:33:04

9.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.5%

JSON
Related for RHSA-2024:0308
nessus26openvas11cvelist1veracode1redos1ubuntu2alpinelinux1prion1ubuntucve1redhatcve1cve1mageia1redhat6osv6cgr1cbl_mariner1debiancve1wolfi1almalinux1debian1photon3oraclelinux1rosalinux1ibm1