Important: Red Hat Security Advisory: OpenShift Virtualization v4.16 Images

Red Hat OpenShift Virtualization release v4.16 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.13.65 security and extras update

Red Hat OpenShift Container Platform release 4.13.65 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Low...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12 ztp-site-generate container

An update for ztp-site-generate is available for Red Hat OpenShift Container Platform 4.12. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the ztp-site-generate...

EUVD-2026-19211

A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /admin/update-image1.php of the component Parameter Handler. The manipulation of the argument filename results in sql injection. The attack may be performed from...

CVE-2026-5641

A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /admin/update-image1.php of the component Parameter Handler. The manipulation of the argument filename results in sql injection. The attack may be performed from...

CVE-2026-5640 PHPGurukul Online Shopping Portal Project Parameter update-image2.php sql injection

A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /admin/update-image2.php of the component Parameter Handler. The manipulation of the argument filename leads to sql injection. The attack is possible to be...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.52 packages and security update

Red Hat OpenShift Container Platform release 4.17.52 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.15.62 security and extras update

Red Hat OpenShift Container Platform release 4.15.62 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a security impact of...

CVE-2026-28355

The CVE-2026-28355 entry covers a Self Cross-Site Scripting (XSS) vulnerability in the Canarytokens “PWA” Canarytoken. Affected component is the title field of the PWA token; versions prior to sha-7ff0e12 allow the creator to inject JavaScript that executes when the installation page is visited b...

CVE-2026-28355 "PWA" Canarytoken Vulnerable to Stored Self Cross-Site Scripting

Canarytokens help track activity and actions on a network. Versions prior to sha-7ff0e12 have a Self Cross-Site Scripting vulnerability in the "PWA" Canarytoken, whereby the Canarytoken's creator can attack themselves or someone they share the link with. The creator of a PWA Canarytoken can inser...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.49 packages and security update

Red Hat OpenShift Container Platform release 4.17.49 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

CVE-2024-41663

Canarytokens help track activity and actions on a network. A Cross-Site Scripting vulnerability was identified in the "Cloned Website" Canarytoken, whereby the Canarytoken's creator can attack themselves. The creator of a slow-redirect Canarytoken can insert Javascript into the destination URL of...

Moderate: Red Hat Security Advisory: Red Hat build of Cryostat 4.1.0: new RHEL 9 container image security update

New Red Hat build of Cryostat 4.1.0 on RHEL 9 container images are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details CVEID:CVE-2022-29458...

Security Bulletin: IBM Financial Transaction Manager is impacted by a DNS cache poisoning vulnerability in RedHat Proxy for Kubernetes RBAC authorization

Summary IBM Financial Transaction Manager for RedHat OpenShift has addressed the following vulnerability. Vulnerability Details CVEID:CVE-2025-40778 DESCRIPTION: Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into t...

Moderate: Red Hat Security Advisory: RHACS 4.8.5 security and bug fix update

Updated images are now available for Red Hat Advanced Cluster Security RHACS, which typically include new features, bug fixes, and/or security patches. See the release notes link in the references section for a description of the fixes and enhancements in this particular release...

SUSE-SU-2025:3839-1 Security update 5.1.1 for Multi-Linux Manager Server

This update fixes the following issues: Multi-Linux-Manager-Server-SLE-release: - Update for the release packages for fixing the EOL - Fixed migration issue bsc1243486 server-attestation-image was updated from version 5.1.7 to 5.1.10: - CVE-2025-53192: Do not use apache-commons-ognl but its...

EUVD-2024-39120

Malicious code in bioql PyPI...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12 ztp-site-generate container

An update for ztp-site-generate is available for Red Hat OpenShift Container Platform 4.12. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the ztp-site-generate...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14 ztp-site-generate container

An update for ztp-site-generate is available for Red Hat OpenShift Container Platform 4.14. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the ztp-site-generate...