Is Red Hat Satellite affected by CVE-2024-49761?
Issue
- Is Red Hat Satellite affected by CVE-2024-49761
- Satellite's puppetserver and puppet-agent packages have been flagged with CVE-2024-49761
- Nessus flagged the following as vulnerable.
Path : /opt/puppetlabs/server/data/puppetserver/vendored-jruby-gems/gems//rexml-3.2.5
Installed version : 3.2.5
Path : /opt/puppetlabs/puppet/lib/ruby/gems/3.2.0/gems//rexml-3.2.5
Installed version : 3.2.5
Fixed version : 3.3.9
Environment
- Red Hat Satellite 6.16
- Red Hat Satellite 6.17
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
