RockyLinux 9 : grafana (RLSA-2024:9473)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:9473 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-3415...

Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.6.27

Logging for Red Hat OpenShift - 5.6.27 Logging for Red Hat OpenShift - 5.6.27 dompurify: nesting-based mutation XSS vulnerability CVE-2024-47875...

Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.8.16

Logging for Red Hat OpenShift - 5.8.16 Logging for Red Hat OpenShift - 5.8.16 dompurify: nesting-based mutation XSS vulnerability CVE-2024-47875...

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.6

Red Hat OpenShift Service Mesh Containers for 2.5.6 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift...

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 dompurify:...

dompurify: nesting-based mutation XSS vulnerability

A flaw was found in DOMPurify that could allow for a nesting-based mXSS to not be properly sanitized...