What is RHSA-2024:6235?

RHSA-2024:6235 is a security advisory published by Red Hat Product Security with Medium severity. Red Hat Security Advisory: Red Hat Trusted Profile Analyzer 1.1.2

Which CVE IDs does RHSA-2024:6235 cover?

RHSA-2024:6235 covers the following CVE IDs: CVE-2024-39249. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2024:6235?

RHSA-2024:6235 has a CVSS v3 base score of 5.3, published by Red Hat Product Security.

RHSA-2024:6235MediumCVSS 5.3

Red Hat Security Advisory: Red Hat Trusted Profile Analyzer 1.1.2

Vendor

Red Hat Product Security

Published

September 3, 2024

Last Modified

June 2, 2026

🔗 CVE IDs covered (1)

CVE-2024-39249 →

📋 Description

CVE-2024-39249 — nodejs-async: Regular expression denial of service while parsing function in autoinject

🔗 References (7)

selfhttps://access.redhat.com/errata/RHSA-2024:6235
externalhttps://access.redhat.com/security/cve/CVE-2024-39249
externalhttps://access.redhat.com/security/updates/classification/
externalhttps://issues.redhat.com/browse/TC-1640
externalhttps://issues.redhat.com/browse/TC-1730
externalhttps://docs.redhat.com/en/documentation/red_hat_trusted_profile_analyzer/1.1/html/release_notes/index
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6235.json