Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:1864
HistoryApr 16, 2024 - 7:49 p.m.

(RHSA-2024:1864) Important: Red Hat Single Sign-On 7.6.8 for OpenShift image enhancement and security update

2024-04-1619:49:03
access.redhat.com
7
red hat
single sign-on
openshift
authentication
authorization
security update
containerized image
web services
cve
openshift container platform
cloud computing
paas
deployment
unix

7 High

AI Score

Confidence

Low

0.05 Low

EPSS

Percentile

92.9%

JSON

Red Hat Single Sign-On is an integrated sign-on solution, available as a
Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat
Single Sign-On for OpenShift image provides an authentication server that
you can use to log in centrally, log out, and register. You can also manage
user accounts for web applications, mobile applications, and RESTful web
services.

Security Fix(es):

  • Authorization Bypass (CVE-2023-6544)
  • Log Injection during WebAuthn authentication or registration (CVE-2023-6484)
  • path transversal in redirection validation (CVE-2024-1132)
  • unvalidated cross-origin messages in checkLoginIframe leads to DDoS (CVE-2024-1249)
  • undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol (CVE-2024-1635)

This erratum releases a new image for Red Hat Single Sign-On 7.6.8 for
use within the OpenShift Container Platform 3.10, OpenShift Container Platform
3.11, and within the OpenShift Container Platform 4.3 cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments, aligning with the standalone product release.

Related

nessus 75
redhat 26
osv 18
rocky 4
almalinux 7
oraclelinux 7
openvas 36
debian 5
amazon 2
freebsd 1
freebsd_advisory 1
fedora 7
mageia 2
ubuntu 4
akamaiblog 1
redos 1
cloudlinux 1
ibm 1
nessus
nessus
RHEL 8 : Red Hat Single Sign-On 7.6.8 security update on RHEL 8 (Important) (RHSA-2024:1861)
2024-04-17 00:00:00
RHEL 9 : Red Hat Single Sign-On 7.6.8 security update on RHEL 9 (Important) (RHSA-2024:1862)
2024-04-17 00:00:00
RHEL 7 : Red Hat Single Sign-On 7.6.8 and security update on RHEL 7 (Important) (RHSA-2024:1860)
2024-04-17 00:00:00
redhat
redhat
(RHSA-2024:1862) Important: Red Hat Single Sign-On 7.6.8 security update on RHEL 9
2024-04-16 19:48:44
(RHSA-2024:1866) Important: Red Hat Single Sign-On 7.6.8 security update
2024-04-16 20:02:21
(RHSA-2024:1860) Important: Red Hat Single Sign-On 7.6.8 enhancement and security update on RHEL 7
2024-04-16 19:48:33
osv
osv
Moderate: curl security and bug fix update
2024-04-05 14:55:53
Moderate: curl security and bug fix update
2024-04-02 00:00:00
Important: bind and dhcp security update
2024-05-06 13:04:07
rocky
rocky
curl security and bug fix update
2024-04-05 14:55:53
bind and dhcp security update
2024-05-06 13:04:07
bind and dhcp security update
2024-06-14 13:59:16
almalinux
almalinux
Moderate: curl security and bug fix update
2024-04-02 00:00:00
Important: bind and dhcp security update
2024-05-22 00:00:00
Important: bind and dhcp security update
2024-04-12 00:00:00
oraclelinux
oraclelinux
curl security and bug fix update
2024-04-03 00:00:00
bind and dhcp security update
2024-05-29 00:00:00
bind, bind-dyndb-ldap, and dhcp security update
2024-06-10 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1850)
2024-07-01 00:00:00
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1864)
2024-07-01 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:1894-1)
2024-06-03 00:00:00
debian
debian
[SECURITY] [DLA 3692-1] curl security update
2023-12-22 14:27:56
[SECURITY] [DLA 3736-1] unbound security update
2024-02-21 12:20:40
[SECURITY] [DSA 5620-1] unbound security update
2024-02-14 06:49:32
amazon
amazon
Important: unbound
2024-02-29 10:03:00
Important: bind
2024-04-24 22:15:00
freebsd
freebsd
powerdns-recursor -- Multiple Vulnerabilities
2024-02-14 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-24:03.unbound
2024-03-28 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: dnsmasq-2.90-1.fc39
2024-02-19 02:29:29
[SECURITY] Fedora 38 Update: dnsmasq-2.90-1.fc38
2024-02-29 01:59:13
[SECURITY] Fedora 39 Update: unbound-1.19.1-2.fc39
2024-02-18 00:55:50
mageia
mageia
Updated dnsmasq packages fix security vulnerabilities
2024-02-18 04:49:05
Updated bind packages fix security vulnerabilities
2024-02-15 21:36:07
ubuntu
ubuntu
Bind vulnerabilities
2024-04-09 00:00:00
Unbound vulnerabilities
2024-02-28 00:00:00
Bind vulnerabilities
2024-02-19 00:00:00
akamaiblog
akamaiblog
CVE-2023-50387 and CVE-2023-50868 ? DNS Exploit KeyTrap Posed Major Internet Threat
2024-02-15 07:00:00
redos
redos
ROS-20240410-09
2024-04-10 00:00:00
cloudlinux
cloudlinux
bind: Fix of 2 CVEs
2024-03-14 17:26:05
ibm
ibm
Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
2024-04-23 14:11:37

7 High

AI Score

Confidence

Low

0.05 Low

EPSS

Percentile

92.9%

JSON
Related for RHSA-2024:1864
nessus75redhat26osv18rocky4almalinux7oraclelinux7openvas36debian5amazon2freebsd1freebsd_advisory1fedora7mageia2ubuntu4akamaiblog1redos1cloudlinux1ibm1