关键漏洞信息 漏洞概述 RHSA-2025:8479 - 重要安全更新,针对 RHODF-4.16-RHEL-9。 影响的产品 Red Hat OpenShift Data Foundation 4 for RHEL 9 x86_64 Red Hat OpenShift Data Foundation for IBM Power Little Endian 4 for RHEL 9 ppc64le Red Hat OpenShift Data Foundation for IBM Z and LinuxONE 4 for RHEL 9 s390x Red Hat OpenShift Data Foundation for RHEL 9 AArch64 aarch64 固定的漏洞 CVE-2024-29041: express: cause malformed URLs to be evaluated CVE-2024-39249: nodejs-async: Regular expression denial of service while parsing function in autoinject CVE-2024-45590: body-parser: Denial of Service Vulnerability in body-parser CVE-2024-1831: npm-serializer-javascript: Cross-site Scripting (XSS) in serializer-javascript CVE-2024-31536: http-proxy-middleware: Denial of Service CVE-2024-45338: golang.org/x/net/html: Non-literal parsing of case-insensitive content in goolang.org/x/net/html CVE-2025-30204: jwt-go: allows excessive memory allocation during header parsing 参考链接 Red Hat 安全更新分类 这些信息表明了受影响的产品、修复的具体漏洞以及相关的CVE编号和参考链接。