7 matches found
Important: Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update & enhancements
Release of OpenShift Serverless Logic 1.34.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA)
An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.6.GA). The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. An update for Red Hat...
Moderate: Red Hat Security Advisory: Red Hat build of Quarkus 3.8.6 release and security update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information...
CVE-2024-8391
A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service. Mitigation: Mitigation for this issue is either not available or the currently...
com.github.nbbrd.sdmx-dl:sdmx-dl-grpc (=3.0.0-beta.12), com.github.rebue.wheel:wheel-vertx (>=2.2.9 <=2.2.12) +178 more potentially affected by CVE-2024-8391 via io.vertx:vertx-grpc-client (>=4.3.0 <=4.5.1)
io.vertx:vertx-grpc-client MAVEN version =4.3.0, =2.2.9, =0.30.0, =0.21.0, =2.0.0, =2.8.0, =0.2.0, =0.0.7, =0.0.7, =0.0.7, =2.7.0, =2.7.0, =2.7.0, =1.0.4, =1.0.4, =2.0.1 and more Source cves: CVE-2024-8391 Source advisory: OSV:GHSA-G76F-GJFX-4RPR...
com.github.nbbrd.sdmx-dl:sdmx-dl-grpc (=3.0.0-beta.12), com.github.rebue.wheel:wheel-vertx (>=2.2.9 <=2.2.12) +173 more potentially affected by CVE-2024-8391 via io.vertx:vertx-grpc-server (>=4.3.0 <=4.5.1)
io.vertx:vertx-grpc-server MAVEN version =4.3.0, =2.2.9, =0.30.0, =0.21.0, =2.8.0, =0.2.0, =0.0.7, =0.0.7, =0.0.7, =2.7.0, =2.7.0, =2.7.0, =1.0.4, =1.0.4, =1.3.0, =2.7.0 and more Source cves: CVE-2024-8391 Source advisory: OSV:GHSA-G76F-GJFX-4RPR https://vulners.com/osv/OSV:GHSA-G...
GHSA-G76F-GJFX-4RPR Vertx gRPC server does not limit the maximum message size
In Eclipse Vert.x version 4.3.0 to 4.5.9, the gRPC server does not limit the maximum length of message payload (Maven GAV: io.vertx:vertx-grpc-server and io.vertx:vertx-grpc-client). This is fixed in the 4.5.10 version. Note this does not affect the Vert.x gRPC server based grpc-java and Netty...