#js

# Microsoft Security Advisory CVE-2024-38229 | .NET Remote Code Execution Vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0 and .NET 9.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in ASP.NET when closing an HTTP/3 stream while application code is writing to the response body, a race condition may lead to use-after-free. Note: HTTP/3 is experimental in .NET 6.0. If you are on .NET 6.0 and using HTTP/3, please upgrade to .NET 8.0.10. .NET 6.0 will not receive a security patch for this vulnerability. ## Announcement Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/326 ## <a name="mitigation-factors"></a>Mitigation factors HTTP/3 support is not enabled by default in ASP.NET Core applications. For more information on how ...

Red Hat Security Advisory 2024-7794-03 - An update for skopeo is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-7793-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-7792-03 - An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-7791-03 - An update for podman is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-7785-03 - An update for python-gevent is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2024-7769-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Security Advisory 2024-7744-03 - Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.13.12 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.

Red Hat Security Advisory 2024-7736-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include an information leakage vulnerability.

Red Hat Security Advisory 2024-7735-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include an information leakage vulnerability.