Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update
🔗 CVE IDs covered (14)
📋 Description
- CVE-2023-26159 — follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()
- CVE-2023-26364 — css-tools: Improper Input Validation causes Denial of Service via Regular Expression
- CVE-2023-36479 — jetty: Improper addition of quotation marks to user inputs in CgiServlet
- CVE-2023-45857 — axios: exposure of confidential data stored in cookies
- CVE-2023-48631 — css-tools: regular expression denial of service (ReDoS) when parsing CSS
- CVE-2024-1023 — io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx
- CVE-2024-1132 — keycloak: path transversal in redirection validation
- CVE-2024-1300 — io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support
- CVE-2024-25710 — commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
- CVE-2024-26308 — commons-compress: OutOfMemoryError unpacking broken Pack200 file
- CVE-2024-28849 — follow-redirects: Possible credential leak
- CVE-2024-29131 — commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
- CVE-2024-29133 — commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
- CVE-2024-29180 — webpack-dev-middleware: lack of URL validation may lead to file leak
🔗 References (17)
- self: https://access.redhat.com/errata/RHSA-2024:3989
- external: https://access.redhat.com/security/updates/classification/#important
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2239630
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2248979
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2250364
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2254559
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2256413
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2260840
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2262117
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2263139
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2264988
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2264989
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2269576
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2270673
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2270674
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2270863
- self: https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3989.json