RHSA-2025:8059HighCVSS 7.5
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.7 Bug Fix Update
🔗 CVE IDs covered (8)
📋 Description
CVE-2024-11831 — npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript CVE-2024-21536 — http-proxy-middleware: Denial of Service CVE-2024-29041 — express: cause malformed URLs to be evaluated CVE-2024-39249 — nodejs-async: Regular expression denial of service while parsing function in autoinject CVE-2024-45338 — golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html CVE-2024-45590 — body-parser: Denial of Service Vulnerability in body-parser CVE-2025-27144 — go-jose: Go JOSE's Parsing Vulnerable to Denial of Service CVE-2025-30204 — golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing
🔗 References (7)
- selfhttps://access.redhat.com/errata/RHSA-2025:8059
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://issues.redhat.com/browse/DFBUGS-1033
- externalhttps://issues.redhat.com/browse/DFBUGS-1701
- externalhttps://issues.redhat.com/browse/DFBUGS-331
- externalhttps://issues.redhat.com/browse/DFBUGS-530
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8059.json