{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-43796", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-08-16T14:20:37.325Z", "datePublished": "2024-09-10T14:36:27.380Z", "dateUpdated": "2024-09-10T15:58:45.956Z"}, "containers": {"cna": {"title": "express vulnerable to XSS via response.redirect()", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"}, {"name": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", "tags": ["x_refsource_MISC"], "url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"}], "affected": [{"vendor": "expressjs", "product": "express", "versions": [{"version": "< 4.20.0", "status": "affected"}, {"version": ">= 5.0.0-alpha.1, < 5.0.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-09-10T14:36:27.380Z"}, "descriptions": [{"lang": "en", "value": "Express.js minimalist web framework for node. In express < 4.20.0, passing untrusted user input - even after sanitizing it - to response.redirect() may execute untrusted code. This issue is patched in express 4.20.0."}], "source": {"advisory": "GHSA-qw6h-vgh9-j6wx", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-10T15:58:36.256748Z", "id": "CVE-2024-43796", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-10T15:58:45.956Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-43796", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:58:36.256748Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-10T15:58:41.001Z"}}], "cna": {"title": "express vulnerable to XSS via response.redirect()", "source": {"advisory": "GHSA-qw6h-vgh9-j6wx", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "expressjs", "product": "express", "versions": [{"status": "affected", "version": "< 4.20.0"}, {"status": "affected", "version": ">= 5.0.0-alpha.1, < 5.0.0"}]}], "references": [{"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", "name": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", "name": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Express.js minimalist web framework for node. In express < 4.20.0, passing untrusted user input - even after sanitizing it - to response.redirect() may execute untrusted code. This issue is patched in express 4.20.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-09-10T14:36:27.380Z"}}}, "cveMetadata": {"cveId": "CVE-2024-43796", "state": "PUBLISHED", "dateUpdated": "2024-09-10T15:58:45.956Z", "dateReserved": "2024-08-16T14:20:37.325Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-09-10T14:36:27.380Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openjsf:express:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "490126A5-34FA-4D46-946F-8612A3E66AB1", "versionEndExcluding": "4.20.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha1:*:*:*:node.js:*:*", "matchCriteriaId": "50C7D4CD-B4D9-433E-B3FC-AB309FA31CCA", "vulnerable": true}, {"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha2:*:*:*:node.js:*:*", "matchCriteriaId": "7DFB65DE-73BB-4BB5-84BA-67B187DD2DA9", "vulnerable": true}, {"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha3:*:*:*:node.js:*:*", "matchCriteriaId": "B709D2E7-2D50-4A90-B000-0DEB55B80682", "vulnerable": true}, {"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha4:*:*:*:node.js:*:*", "matchCriteriaId": "E388EA8E-03EF-41C9-98C6-68D96DAF92A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha5:*:*:*:node.js:*:*", "matchCriteriaId": "A7D7FA44-E213-4931-A92B-2C46CA1F6EC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha6:*:*:*:node.js:*:*", "matchCriteriaId": "EBFE2596-A7DE-455C-A59A-1B56ACA82D4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha7:*:*:*:node.js:*:*", "matchCriteriaId": "F68E52F1-1A06-45D4-8593-3D5D7EC32330", "vulnerable": true}, {"criteria": "cpe:2.3:a:openjsf:express:5.0.0:alpha8:*:*:*:node.js:*:*", "matchCriteriaId": "0F5FEAD7-A1EB-4FB1-8B15-A717642961F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openjsf:express:5.0.0:beta1:*:*:*:node.js:*:*", "matchCriteriaId": "2CC3B849-8DAF-47E5-A4EB-E93394C7396A", "vulnerable": true}, {"criteria": "cpe:2.3:a:openjsf:express:5.0.0:beta2:*:*:*:node.js:*:*", "matchCriteriaId": "6058D4DD-DE9D-4AD9-87A0-22F81C33F81E", "vulnerable": true}, {"criteria": "cpe:2.3:a:openjsf:express:5.0.0:beta3:*:*:*:node.js:*:*", "matchCriteriaId": "9852C6CE-F282-4B7D-9690-57E57FAC8B37", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Express.js minimalist web framework for node. In express < 4.20.0, passing untrusted user input - even after sanitizing it - to response.redirect() may execute untrusted code. This issue is patched in express 4.20.0."}, {"lang": "es", "value": "Express.js, el framework web minimalista para Node. En Express anterior a la versi\u00f3n 4.20.0, pasar una entrada de usuario no confiable (incluso despu\u00e9s de desinfectarla) a response.redirect() puede ejecutar c\u00f3digo no confiable. Este problema se solucion\u00f3 en Express 4.20.0."}], "id": "CVE-2024-43796", "lastModified": "2024-09-20T16:07:47.997", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-09-10T15:15:17.510", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2025:1249", "cpe": "cpe:/o:redhat:discovery:1.0::el9", "package": "discovery/discovery-server-rhel9:1.12.0-1", "product_name": "Discovery 1 for RHEL 9", "release_date": "2025-02-10T00:00:00Z"}, {"advisory": "RHSA-2025:1249", "cpe": "cpe:/o:redhat:discovery:1.0::el9", "package": "discovery/discovery-ui-rhel9:1.12.0-1", "product_name": "Discovery 1 for RHEL 9", "release_date": "2025-02-10T00:00:00Z"}, {"advisory": "RHSA-2024:11023", "cpe": "cpe:/a:redhat:rhboac_hawtio:4.0.0", "package": "express", "product_name": "HawtIO 4.0.0 for Red Hat build of Apache Camel 4", "release_date": "2024-12-12T00:00:00Z"}, {"advisory": "RHSA-2024:8014", "cpe": "cpe:/a:redhat:network_observ_optr:1.7.0::el9", "package": "network-observability/network-observability-cli-rhel9:v1.7.0-67", "product_name": "NETWORK-OBSERVABILITY-1.7.0-RHEL-9", "release_date": "2024-10-22T00:00:00Z"}, {"advisory": "RHSA-2024:8014", "cpe": "cpe:/a:redhat:network_observ_optr:1.7.0::el9", "package": "network-observability/network-observability-console-plugin-rhel9:v1.7.0-67", "product_name": "NETWORK-OBSERVABILITY-1.7.0-RHEL-9", "release_date": "2024-10-22T00:00:00Z"}, {"advisory": "RHSA-2024:8014", "cpe": "cpe:/a:redhat:network_observ_optr:1.7.0::el9", "package": "network-observability/network-observability-ebpf-agent-rhel9:v1.7.0-67", "product_name": "NETWORK-OBSERVABILITY-1.7.0-RHEL-9", "release_date": "2024-10-22T00:00:00Z"}, {"advisory": "RHSA-2024:8014", "cpe": "cpe:/a:redhat:network_observ_optr:1.7.0::el9", "package": "network-observability/network-observability-flowlogs-pipeline-rhel9:v1.7.0-67", "product_name": "NETWORK-OBSERVABILITY-1.7.0-RHEL-9", "release_date": "2024-10-22T00:00:00Z"}, {"advisory": "RHSA-2024:8014", "cpe": "cpe:/a:redhat:network_observ_optr:1.7.0::el9", "package": "network-observability/network-observability-operator-bundle:1.7.0-86", "product_name": "NETWORK-OBSERVABILITY-1.7.0-RHEL-9", "release_date": "2024-10-22T00:00:00Z"}, {"advisory": "RHSA-2024:8014", "cpe": "cpe:/a:redhat:network_observ_optr:1.7.0::el9", "package": "network-observability/network-observability-rhel9-operator:v1.7.0-67", "product_name": "NETWORK-OBSERVABILITY-1.7.0-RHEL-9", "release_date": "2024-10-22T00:00:00Z"}, {"advisory": "RHSA-2024:10906", "cpe": "cpe:/a:redhat:rhmt:1.8::el8", "package": "rhmtc/openshift-migration-ui-rhel8:v1.8.5-7", "product_name": "Red Hat Migration Toolkit for Containers 1.8", "release_date": "2024-12-10T00:00:00Z"}, {"advisory": "RHSA-2025:0875", "cpe": "cpe:/a:redhat:openshift:4.17::el9", "package": "openshift4/nmstate-console-plugin-rhel9:v4.17.0-202501301204.p0.gcffdc60.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2025-02-05T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/argocd-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/argo-rollouts-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/console-plugin-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/dex-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/gitops-operator-bundle:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/gitops-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/gitops-rhel8-operator:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/kam-delivery-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/must-gather-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el9", "package": "openshift-gitops-argocd-rhel9-container-v1.12.6-1", "product_name": "Red Hat OpenShift GitOps 1.12 - RHEL 9", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8581", "cpe": "cpe:/a:redhat:openshift_gitops:1.13::el8", "package": "openshift-gitops-1/argocd-rhel8:v1.13.2-4", "product_name": "Red Hat OpenShift GitOps 1.13", "release_date": "2024-10-29T00:00:00Z"}, {"advisory": "RHSA-2024:8581", "cpe": "cpe:/a:redhat:openshift_gitops:1.13::el8", "package": "openshift-gitops-1/argo-rollouts-rhel8:v1.13.2-4", "product_name": "Red Hat OpenShift GitOps 1.13", "release_date": "2024-10-29T00:00:00Z"}, {"advisory": "RHSA-2024:8581", "cpe": "cpe:/a:redhat:openshift_gitops:1.13::el8", "package": "openshift-gitops-1/console-plugin-rhel8:v1.13.2-4", "product_name": "Red Hat OpenShift GitOps 1.13", "release_date": "2024-10-29T00:00:00Z"}, {"advisory": "RHSA-2024:8581", "cpe": "cpe:/a:redhat:openshift_gitops:1.13::el8", "package": "openshift-gitops-1/dex-rhel8:v1.13.2-4", "product_name": "Red Hat OpenShift GitOps 1.13", "release_date": "2024-10-29T00:00:00Z"}, {"advisory": "RHSA-2024:8581", "cpe": "cpe:/a:redhat:openshift_gitops:1.13::el8", "package": "openshift-gitops-1/gitops-operator-bundle:v1.13.2-4", "product_name": "Red Hat OpenShift GitOps 1.13", "release_date": "2024-10-29T00:00:00Z"}, {"advisory": "RHSA-2024:8581", "cpe": "cpe:/a:redhat:openshift_gitops:1.13::el8", "package": "openshift-gitops-1/gitops-rhel8:v1.13.2-4", "product_name": "Red Hat OpenShift GitOps 1.13", "release_date": "2024-10-29T00:00:00Z"}, {"advisory": "RHSA-2024:8581", "cpe": "cpe:/a:redhat:openshift_gitops:1.13::el8", "package": "openshift-gitops-1/gitops-rhel8-operator:v1.13.2-4", "product_name": "Red Hat OpenShift GitOps 1.13", "release_date": "2024-10-29T00:00:00Z"}, {"advisory": "RHSA-2024:8581", "cpe": "cpe:/a:redhat:openshift_gitops:1.13::el8", "package": "openshift-gitops-1/kam-delivery-rhel8:v1.13.2-4", "product_name": "Red Hat OpenShift GitOps 1.13", "release_date": "2024-10-29T00:00:00Z"}, {"advisory": "RHSA-2024:8581", "cpe": "cpe:/a:redhat:openshift_gitops:1.13::el8", "package": "openshift-gitops-1/must-gather-rhel8:v1.13.2-4", "product_name": "Red Hat OpenShift GitOps 1.13", "release_date": "2024-10-29T00:00:00Z"}, {"advisory": "RHSA-2024:8581", "cpe": "cpe:/a:redhat:openshift_gitops:1.13::el8", "package": "openshift-gitops-argocd-rhel9-container-v1.13.2-5", "product_name": "Red Hat OpenShift GitOps 1.13", "release_date": "2024-10-29T00:00:00Z"}, {"advisory": "RHSA-2024:7726", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/grafana-rhel8:2.6.2-3", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7726", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/istio-cni-rhel8:2.6.2-5", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7726", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/istio-must-gather-rhel8:2.6.2-4", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7726", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/istio-rhel8-operator:2.6.2-5", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7726", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/kiali-ossmc-rhel8:1.89.2-3", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7726", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/kiali-rhel8:1.89.4-3", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7726", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/kiali-rhel8-operator:1.89.6-1", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7726", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/pilot-rhel8:2.6.2-5", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7726", "cpe": "cpe:/a:redhat:service_mesh:2.6::el8", "package": "openshift-service-mesh/ratelimit-rhel8:2.6.2-3", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7726", "cpe": "cpe:/a:redhat:service_mesh:2.6::el9", "package": "openshift-service-mesh/proxyv2-rhel9:2.6.2-7", "product_name": "Red Hat OpenShift Service Mesh 2.6 for RHEL 9", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2025:0323", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.14::el9", "package": "odf4/ocs-client-console-rhel9:v4.14.13-3", "product_name": "RHODF-4.14-RHEL-9", "release_date": "2025-01-15T00:00:00Z"}, {"advisory": "RHSA-2025:0164", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/ocs-client-console-rhel9:v4.15.9-1", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2025:0164", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-console-rhel9:v4.15.9-1", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2024:8113", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/mcg-core-rhel9:v4.16.3-1", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-10-15T00:00:00Z"}, {"advisory": "RHSA-2025:0082", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/ocs-client-console-rhel9:v4.16.5-2", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2025-01-08T00:00:00Z"}, {"advisory": "RHSA-2025:0082", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/odf-console-rhel9:v4.16.5-2", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2025-01-08T00:00:00Z"}, {"advisory": "RHSA-2025:0082", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/odf-multicluster-console-rhel9:v4.16.5-2", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2025-01-08T00:00:00Z"}, {"advisory": "RHSA-2024:8676", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.17::el9", "package": "odf4/mcg-core-rhel9:v4.17.0-69", "product_name": "RHODF-4.17-RHEL-9", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2025:0079", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.17::el9", "package": "odf4/ocs-client-console-rhel9:v4.17.2-1", "product_name": "RHODF-4.17-RHEL-9", "release_date": "2025-01-08T00:00:00Z"}, {"advisory": "RHSA-2025:0079", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.17::el9", "package": "odf4/odf-console-rhel9:v4.17.2-1", "product_name": "RHODF-4.17-RHEL-9", "release_date": "2025-01-08T00:00:00Z"}, {"advisory": "RHSA-2025:0079", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.17::el9", "package": "odf4/odf-multicluster-console-rhel9:v4.17.2-1", "product_name": "RHODF-4.17-RHEL-9", "release_date": "2025-01-08T00:00:00Z"}, {"advisory": "RHSA-2024:8023", "cpe": "cpe:/a:redhat:openshift_serverless:1.34::el8", "package": "openshift-serverless-1/logic-data-index-ephemeral-rhel8:1.34.0-6", "product_name": "RHOSS-1.34-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8023", "cpe": "cpe:/a:redhat:openshift_serverless:1.34::el8", "package": "openshift-serverless-1/logic-data-index-postgresql-rhel8:1.34.0-6", "product_name": "RHOSS-1.34-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8023", "cpe": "cpe:/a:redhat:openshift_serverless:1.34::el8", "package": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8:1.34.0-5", "product_name": "RHOSS-1.34-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8023", "cpe": "cpe:/a:redhat:openshift_serverless:1.34::el8", "package": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8:1.34.0-6", "product_name": "RHOSS-1.34-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8023", "cpe": "cpe:/a:redhat:openshift_serverless:1.34::el8", "package": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8:1.34.0-2", "product_name": "RHOSS-1.34-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8023", "cpe": "cpe:/a:redhat:openshift_serverless:1.34::el8", "package": "openshift-serverless-1/logic-management-console-rhel8:1.34.0-5", "product_name": "RHOSS-1.34-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8023", "cpe": "cpe:/a:redhat:openshift_serverless:1.34::el8", "package": "openshift-serverless-1/logic-operator-bundle:1.34.0-5", "product_name": "RHOSS-1.34-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8023", "cpe": "cpe:/a:redhat:openshift_serverless:1.34::el8", "package": "openshift-serverless-1/logic-rhel8-operator:1.34.0-5", "product_name": "RHOSS-1.34-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8023", "cpe": "cpe:/a:redhat:openshift_serverless:1.34::el8", "package": "openshift-serverless-1/logic-swf-builder-rhel8:1.34.0-6", "product_name": "RHOSS-1.34-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8023", "cpe": "cpe:/a:redhat:openshift_serverless:1.34::el8", "package": "openshift-serverless-1/logic-swf-devmode-rhel8:1.34.0-6", "product_name": "RHOSS-1.34-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:10917", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.4::el8", "package": "registry.redhat.io/rhosdt/jaeger-query-rhel8:sha256:7ce3c91962c904cffc5446c0ba6263124ea4b8a17963fbbefabacac73daf4851", "product_name": "Red Hat OpenShift distributed tracing 3.4", "release_date": "2024-12-10T00:00:00Z"}, {"advisory": "RHSA-2024:10962", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.4::el8", "package": "registry.redhat.io/rhosdt/jaeger-query-rhel8:sha256:e7814650195a4ce28137f26da766217ed09dc2d974146b73fefb50b3e3c63749", "product_name": "Red Hat OpenShift distributed tracing 3.4", "release_date": "2024-12-11T00:00:00Z"}], "bugzilla": {"description": "express: Improper Input Handling in Express Redirects", "id": "2311152", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.0", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "status": "verified"}, "cwe": "CWE-79", "details": ["Express.js minimalist web framework for node. In express < 4.20.0, passing untrusted user input - even after sanitizing it - to response.redirect() may execute untrusted code. This issue is patched in express 4.20.0.", "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-43796", "package_state": [{"cpe": "cpe:/a:redhat:cryostat:3", "fix_state": "Affected", "package_name": "express", "product_name": "Cryostat 3"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Will not fix", "package_name": "openshift-logging/logging-view-plugin-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:7", "fix_state": "Affected", "package_name": "mta/mta-cli-rhel9", "product_name": "Migration Toolkit for Applications 7"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:7", "fix_state": "Affected", "package_name": "mta/mta-ui-rhel9", "product_name": "Migration Toolkit for Applications 7"}, {"cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1", "fix_state": "Affected", "package_name": "express", "product_name": "Migration Toolkit for Runtimes"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Not affected", "package_name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Not affected", "package_name": "multicluster-engine/console-mce-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Not affected", "package_name": "multicluster-engine/multicluster-engine-console-mce-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:workload_availability_node_healthcheck", "fix_state": "Will not fix", "package_name": "workload-availability/node-remediation-console-rhel8", "product_name": "Node HealthCheck Operator"}, {"cpe": "cpe:/a:redhat:openshift_lightspeed", "fix_state": "Affected", "package_name": "openshift-lightspeed-beta/lightspeed-console-plugin-rhel9", "product_name": "OpenShift Lightspeed"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines-console-plugin-rhel8-container", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines/pipelines-hub-api-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines/pipelines-hub-db-migration-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines/pipelines-hub-ui-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Will not fix", "package_name": "3scale-amp-system-container", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "rhacm2/console-rhel9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-central-db-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Affected", "package_name": "advanced-cluster-security/rhacs-main-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-rhel8-operator", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-roxctl-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-scanner-v4-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Will not fix", "package_name": "aap-cloud-ui-container", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Will not fix", "package_name": "ansible-automation-platform-24/lightspeed-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "automation-controller", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "automation-eda-controller", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:optaplanner:::el6", "fix_state": "Will not fix", "package_name": "express", "product_name": "Red Hat build of OptaPlanner 8"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:8", "fix_state": "Will not fix", "package_name": "express", "product_name": "Red Hat Data Grid 8"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Affected", "package_name": "rhdh-hub-container", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Not affected", "package_name": "rhdh-operator-container", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:discovery:1.0::el8", "fix_state": "Affected", "package_name": "discovery-server-container", "product_name": "Red Hat Discovery"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "cldr-emoji-annotation", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "mozjs60", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "cldr-emoji-annotation", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "gjs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "polkit", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Will not fix", "package_name": "express", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Will not fix", "package_name": "express", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Not affected", "package_name": "express", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8", "fix_state": "Not affected", "package_name": "express", "product_name": "Red Hat JBoss Enterprise Application Platform 8"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "express", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "odh-dashboard-container", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "odh-operator-container", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "openshift3/ose-console", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-console", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-monitoring-plugin-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-networking-console-plugin-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Affected", "package_name": "ocs4/mcg-core-rhel8", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_data_science", "fix_state": "Affected", "package_name": "rhods/odh-dashboard-rhel8", "product_name": "Red Hat OpenShift Data Science (RHODS)"}, {"cpe": "cpe:/a:redhat:openshift_data_science", "fix_state": "Not affected", "package_name": "rhods/odh-rhel8-operator", "product_name": "Red Hat OpenShift Data Science (RHODS)"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3:", "fix_state": "Not affected", "package_name": "devspaces/traefik-rhel8", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-agent-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-collector-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-es-index-cleaner-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-es-rollover-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/jaeger-ingester-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Affected", "package_name": "rhosdt/jaeger-query-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Will not fix", "package_name": "container-native-virtualization/kubevirt-console-plugin", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Will not fix", "package_name": "container-native-virtualization/kubevirt-console-plugin-rhel9", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Will not fix", "package_name": "express", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Affected", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "qpid-dispatch", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:trusted_profile_analyzer:1", "fix_state": "Affected", "package_name": "rhtpa/rhtpa-trustification-service-rhel9", "product_name": "Red Hat Trusted Profile Analyzer"}], "public_date": "2024-09-10T15:15:17Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-43796\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-43796\nhttps://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553\nhttps://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"], "threat_severity": "Moderate"}