CVE-2026-25538 Devtron Attributes API Unauthorized Access Leading to API Token Signing Key Leakage

Devtron is an open source tool integration platform for Kubernetes. In version 2.0.0 and prior, a vulnerability exists in Devtron's Attributes API interface, allowing any authenticated user including low-privileged CI/CD Developers to obtain the global API Token signing key by accessing the...

CVE-2025-55670

On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.16.44 packages and security update

Red Hat OpenShift Container Platform release 4.16.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.2 packages and security update

Red Hat OpenShift Container Platform release 4.19.2 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.17 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.17 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

Red Hat Connectivity Link 资源管理错误漏洞

Red Hat Connectivity Link is a Kubernetes network connectivity management platform from Red Hat, USA. Red Hat Connectivity Link has a resource management error vulnerability that can be exploited by an attacker to cause the Authorino service to crash...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: cert-exporter, crossplane, velero, hello-world-golang, q, docker-credential-gcr, dynamic-localpv-provisioner, prometheus-adapter, wire-go, slsa-verifier, hey, yq, cfssl, mockery, kube-rbac-proxy, kube-logging-operator, nodetaint, gh, fuse-overlayfs-snapshotter,...

Important: Red Hat Bug Fix Advisory: OpenShift Container Platform 4.15.42 packages update

Red Hat OpenShift Container Platform release 4.15.42 is now available with updates to packages and images that fix several bugs. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This...

Moderate: Red Hat Bug Fix Advisory: OpenShift Container Platform 4.12.2 packages update

Red Hat OpenShift Container Platform release 4.12.2 is now available with updates to packages and images that fix several bugs. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This...

Moderate: Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 images update

Red Hat OpenShift Container Platform release 3.11.141 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clou...

RHEL 7 : OpenShift Container Platform 3.8 (RHSA-2018:3551)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3551 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud...