#js

Red Hat Security Advisory 2024-5325-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include bypass, out of bounds read, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-5324-03 - An update for firefox is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.

Red Hat Security Advisory 2024-5323-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include bypass, out of bounds read, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-5316-03 - An update for krb5 is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support.

Red Hat Security Advisory 2024-5315-03 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2024-5314-03 - Red Hat OpenShift Virtualization release 4.13.10 is now available with updates to packages and images that fix several bugs and add enhancements.

Red Hat Security Advisory 2024-5312-03 - An update for krb5 is now available for Red Hat Enterprise Linux 8.

Red Hat Security Advisory 2024-5309-03 - An update for python-urllib3 is now available for Red Hat Enterprise Linux 8.

Red Hat Security Advisory 2024-5306-03 - An update for orc is now available for Red Hat Enterprise Linux 8. Issues addressed include a buffer overflow vulnerability.

# Microsoft Security Advisory CVE-2024-38168 | .NET Denial of Service Vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET when an attacker through unauthenticated requests may trigger a Denial of Service in ASP.NET HTTP.sys web server. This is a windows OS only vulnerability. ## Announcement Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/320 ## <a name="mitigation-factors"></a>Mitigation factors Microsoft has not identified any mitigating factors for this vulnerability. ## <a name="affected-software"></a>Affected software * Any .NET 8.0 application running on .NET 8.0.7 or earlier. ## <a name="affected-packages"></a>Affected Packages The vulnerability affects any M...