Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1551
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:0952 https://access.redhat.com/errata/RHSA-2024:0952
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:0955 https://access.redhat.com/errata/RHSA-2024:0955
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2024:0958 https://access.redhat.com/errata/RHSA-2024:0958
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2024:0959 https://access.redhat.com/errata/RHSA-2024:0959
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2024:0957 https://access.redhat.com/errata/RHSA-2024:0957
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:0963 https://access.redhat.com/errata/RHSA-2024:0963
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:0960 https://access.redhat.com/errata/RHSA-2024:0960
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:0969 https://access.redhat.com/errata/RHSA-2024:0969
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:0961 https://access.redhat.com/errata/RHSA-2024:0961
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2024:0971 https://access.redhat.com/errata/RHSA-2024:0971
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:0970 https://access.redhat.com/errata/RHSA-2024:0970
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:0964 https://access.redhat.com/errata/RHSA-2024:0964
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2024:0972 https://access.redhat.com/errata/RHSA-2024:0972
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2024:0962 https://access.redhat.com/errata/RHSA-2024:0962
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2024:0968 https://access.redhat.com/errata/RHSA-2024:0968
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2024:0976 https://access.redhat.com/errata/RHSA-2024:0976
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:0983 https://access.redhat.com/errata/RHSA-2024:0983
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:0984 https://access.redhat.com/errata/RHSA-2024:0984