API Security Blog

(RHSA-2024:8023) Important: Release of OpenShift Serverless Logic 1.34.0 security update & enhancements

This release includes security, bug fixes, and enhancements.

Security Fix(es):

* axios: axios: Server-Side Request Forgery (CVE-2024-39338)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)

For more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References…
