从这个网页截图中,可以获取到以下关于漏洞的关键信息: 1. 漏洞编号:RHSA-2024:6046 2. 发布日期:2024-09-19 3. 类型/严重性:安全公告,重要 4. 主题:Red Hat OpenShift Container Platform 4.15.33 更新,修复了几个bug并添加了增强功能。 5. 描述:Red Hat OpenShift Container Platform 4.15.33 更新包含针对Red Hat OpenShift Container Platform 4.15的安全更新。 6. 受影响的产品:Red Hat OpenShift Container Platform 4.15 for RHEL 9 x86_64、Red Hat OpenShift Container Platform 4.15 for RHEL 8 x86_64、Red Hat OpenShift Container Platform for Power 4.15 for RHEL 9 ppc64le、Red Hat OpenShift Container Platform for Power 4.15 for RHEL 8 ppc64le、Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.15 for RHEL 9 s390x、Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.15 for RHEL 8 s390x、Red Hat OpenShift Container Platform for ARM 64 4.15 for RHEL 9 aarch64、Red Hat OpenShift Container Platform for ARM 64 4.15 for RHEL 8 aarch64。 7. 修复的漏洞: - BZ-2302259 - CVE-2024-7387 - openshift/builder: Path traversal allows command injection in privileged BuildContainer using docker build strategy - BZ-2308661 - CVE-2024-45496 - openshift-controller-manager: Elevated Build Pods Can Lead to Node Compromise in OpenShift 8. CVEs: - CVE-2024-7387 - CVE-2024-38428 - CVE-2024-45496 9. 解决方案:建议受影响的用户升级到这些更新的包和图像,当它们在适当的发布通道中可用时。 这些信息可以帮助用户了解漏洞的详细情况、受影响的产品和修复措施。