Skip to main content
Threat Radar animated logo
DashboardThreatsMapFeedsPricingView Plans & Pricing
reconnecting
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Threats Tagged 'cve-2024-28102'

View all threats tagged with 'cve-2024-28102'. Filter and sort to focus on specific types of threats.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.
Active filters (1):Tag: cve-2024-28102

Threats Tagged 'cve-2024-28102'

Click on any threat for detailed analysis and mitigation recommendations

Red Hat Security Advisory: python-jwcrypto security updateCVE-2024-28102
0

A vulnerability in the python-jwcrypto package used in Red Hat Enterprise Linux 9 allows a malicious JSON Web Encryption (JWE) token to cause a denial of service condition. This issue is tracked as CVE-2024-28102 and is categorized under CWE-400 (Uncontrolled Resource Consumption). Red Hat has released an updated python-jwcrypto package to address this vulnerability. The severity is assessed as medium based on the advisory. No known exploits are reported in the wild. Users of affected Red Hat Enterprise Linux 9 versions should apply the provided security update to remediate the issue.

MediumVulnerability#gcve#csaf#cve-2024-28102
Join the discussion
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix UpdateCVE-2024-28102
0

Red Hat Ansible Automation Platform 2. 4 for RHEL 8 and 9 contains multiple security vulnerabilities including a denial of service caused by malicious JWE tokens (CVE-2024-28102), improper handling of keys with non-attribute characters in jinja2 (CVE-2024-34064), and certificate verification bypass in subsequent requests (CVE-2024-35195). Red Hat has released updates addressing these issues in automation-controller version 4. 5. 8 and related components. The update is rated as having moderate security impact. No known exploits in the wild have been reported. The vulnerabilities affect the automation-controller component of the platform, which is used to manage IT automation at scale.

MediumVulnerability#gcve#csaf#cve-2024-28102
Join the discussion

Showing 1 to 2 of 2 results

Filters:Tag: cve-2024-28102
Page 1 of 1
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses