VDB

RHSA-2024%3A8683

RHSA-2024%3A8683 PUBLISHED CVSS 8 HIGH

A flaw was found in DOMPurify that could allow for a nesting-based mXSS to not be properly sanitized.

Risk Scores

CVSS 3.1
8
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-kube-rbac-proxy-rhel9@sha256:f4a0ccf168fa0138618da702f9fe5bc665a13d3910ab0476096fdbab4471ab8c_amd64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-kube-rbac-proxy-rhel9@sha256:f4a0ccf168fa0138618da702f9fe5bc665a13d3910ab0476096fdbab4471ab8c_amd64
Red Hatopenshift4/ose-multus-cni-rhel9@sha256:7f559671b2171e97256a5178c88adb838b4670f550867c351313f4dbe65e3707_arm64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-multus-cni-rhel9@sha256:7f559671b2171e97256a5178c88adb838b4670f550867c351313f4dbe65e3707_arm64
Red Hatopenshift4/ose-machine-config-rhel9-operator@sha256:bf06286b152073433a41bd6d402bd612e7799c24f29fb2384a174c1dd93789d2_arm64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-machine-config-rhel9-operator@sha256:bf06286b152073433a41bd6d402bd612e7799c24f29fb2384a174c1dd93789d2_arm64
Red Hatopenshift4/ose-multus-admission-controller-rhel9@sha256:08ac7ce1c4c0310a1f8aa7fb5999e67d462f9bf9ef699e73efdca7fa8b224bca_ppc64le as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-multus-admission-controller-rhel9@sha256:08ac7ce1c4c0310a1f8aa7fb5999e67d462f9bf9ef699e73efdca7fa8b224bca_ppc64le
Red Hatopenshift4/ose-multus-networkpolicy-rhel9@sha256:c31b4be27aa3413c1380447b8758d4e7159fbc9c9b46724954b9d52a4c7822f9_ppc64le as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-multus-networkpolicy-rhel9@sha256:c31b4be27aa3413c1380447b8758d4e7159fbc9c9b46724954b9d52a4c7822f9_ppc64le
Red Hatopenshift4/ose-azure-workload-identity-webhook-rhel9@sha256:91c8ab14b2963a5f6c6ef5953c65cd2df6a15abc9f87cea5121b25c4d7cd64c7_amd64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-azure-workload-identity-webhook-rhel9@sha256:91c8ab14b2963a5f6c6ef5953c65cd2df6a15abc9f87cea5121b25c4d7cd64c7_amd64
Red Hatopenshift4/ose-must-gather-rhel9@sha256:2de07af89683678ae6bb7a939615fc0d4ced7fe185add38b050f2c6f60023b6f_amd64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-must-gather-rhel9@sha256:2de07af89683678ae6bb7a939615fc0d4ced7fe185add38b050f2c6f60023b6f_amd64
Red Hatopenshift4/ose-aws-ebs-csi-driver-rhel9@sha256:cc6472e614b4216271e7f0a116472e1ec16aa1a73684446db7fc16e3783613c8_amd64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-aws-ebs-csi-driver-rhel9@sha256:cc6472e614b4216271e7f0a116472e1ec16aa1a73684446db7fc16e3783613c8_amd64
Red Hatopenshift4/ose-machine-config-rhel9-operator@sha256:a1633a2651a568259415dbb0b10128eb3cea9824a2a1f3faad32f90f6ebdd80d_ppc64le as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-machine-config-rhel9-operator@sha256:a1633a2651a568259415dbb0b10128eb3cea9824a2a1f3faad32f90f6ebdd80d_ppc64le
Red Hatopenshift4/ose-csi-driver-shared-resource-rhel9-operator@sha256:dd8f6cce22ca1723cc2d5c0b1864df2a21eafef983f92aabb10a1a1234f4765c_arm64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-csi-driver-shared-resource-rhel9-operator@sha256:dd8f6cce22ca1723cc2d5c0b1864df2a21eafef983f92aabb10a1a1234f4765c_arm64
Red Hatopenshift4/ose-baremetal-installer-rhel9@sha256:1cb0a055ce71b6f04dc8311bd129b94a3f066795aee15287a095776ec2cf5ad0_arm64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-baremetal-installer-rhel9@sha256:1cb0a055ce71b6f04dc8311bd129b94a3f066795aee15287a095776ec2cf5ad0_arm64
Red Hatopenshift4/ose-prometheus-operator-admission-webhook-rhel9@sha256:08b2261b9f60e1a412b53d67ef9e88aa47192d94de4d0dbe896a339be87f0ce8_arm64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-prometheus-operator-admission-webhook-rhel9@sha256:08b2261b9f60e1a412b53d67ef9e88aa47192d94de4d0dbe896a339be87f0ce8_arm64
Red Hatopenshift4/ose-azure-file-csi-driver-rhel9@sha256:3ea6e4c9daba6c837420ea62089d999df4ba38d70e2d8ad1e15cb91b5b63d47c_arm64 as a component of Red Hat OpenShift Container Platform 4.16*
Red Hatopenshift4/ose-gcp-pd-csi-driver-rhel9@sha256:803375f8478d9a8cb105196c8974e16e61ccae3723391813884287f8737f4216_arm64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-gcp-pd-csi-driver-rhel9@sha256:803375f8478d9a8cb105196c8974e16e61ccae3723391813884287f8737f4216_arm64
Red Hatopenshift4/ose-tests-rhel9@sha256:976d35410e489dd77c371f85ace47d1676b01efd905fed5e501f7c16c9e99299_s390x as a component of Red Hat OpenShift Container Platform 4.16*
Red Hatopenshift4/ose-image-customization-controller-rhel9@sha256:ded31a66e89645d6967c52da712802f2964f7168cb85dfb28854e47472e24732_arm64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-image-customization-controller-rhel9@sha256:ded31a66e89645d6967c52da712802f2964f7168cb85dfb28854e47472e24732_arm64
Red Hatopenshift4/ose-pod-rhel9@sha256:f94c7f77fb337037570be5fa6d26ba3def978f9c440cc2bd56950415ac54ed7a_s390x as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-pod-rhel9@sha256:f94c7f77fb337037570be5fa6d26ba3def978f9c440cc2bd56950415ac54ed7a_s390x
Red Hatopenshift4/ose-olm-operator-controller-rhel9@sha256:cdc139b88543c03d90253c79bb2e03ff7b34205ef3b96bf3d982f3ef719373b6_ppc64le as a component of Red Hat OpenShift Container Platform 4.16*
Red Hatopenshift4/ose-cluster-capi-rhel9-operator@sha256:3b3cb4794376519bd98a4fd12218825afd1e538e5c3469b81dc9d9a139f5d8c0_ppc64le as a component of Red Hat OpenShift Container Platform 4.16*
Red Hatopenshift4/ose-openshift-apiserver-rhel9@sha256:1c1a24dc36f8908f4fc9c8629e66b942b85ac80181d0a9c87289b889df9d0316_arm64 as a component of Red Hat OpenShift Container Platform 4.16openshift4/ose-openshift-apiserver-rhel9@sha256:1c1a24dc36f8908f4fc9c8629e66b942b85ac80181d0a9c87289b889df9d0316_arm64

…and 644 more

Timeline

  • Nov 6, 2024 CVE Published
  • Apr 30, 2026 CVE Updated
  • Apr 30, 2026 Distribution Patch
  • Apr 30, 2026 Distribution Patch
  • Apr 30, 2026 Security Advisory
  • Apr 30, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›