96 matches found
Important: Red Hat Security Advisory: RHTAS 1.4.2 - Tech Preview Release Of the Model Validation Operator
The Tech Preview release of the RHTAS Model Validation Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.4 The RHTAS Model Validation Operator can be used with OpenShift Container Platform 4.16, 4.17,...
Important: Red Hat Security Advisory: RHTAS 1.4.2 - Red Hat Trusted Artifact Signer Release
The 1.4.2 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.4 The RHTAS Operator can be used with OpenShift Container Platform 4.17, 4.18, 4.19, 4.20...
CVE-2026-15154
A flaw was found in guardrails-detectors, a component of Red Hat OpenShift AI. This vulnerability, known as Regular Expression Denial of Service ReDoS, allows a remote attacker to provide specially crafted regular expressions to the public detection API. This can cause catastrophic backtracking,...
Critical: Red Hat Security Advisory: RHOAI 3.4.2 - Red Hat OpenShift AI
Updated images are now available for Red Hat OpenShift AI. Release of RHOAI 3.4.2 provides these changes:...
Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.4.6
Logging for Red Hat OpenShift - 6.4.6 Red Hat OpenShift Logging 6.4.6 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs...
RHCOS 4 : OpenShift Container Platform 4.13.68 (RHSA-2026:26541)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26541 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 - golang: net/url: Memory exhaustion in quer...
Important: Red Hat Security Advisory: OpenShift Virtualization v4.17 Images
Red Hat OpenShift Virtualization release v4.17 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...
EUVD-2026-38233
A flaw was found in the Windows Machine Config Operator WMCO for Red Hat OpenShift Container Platform. The WICD CSR auto-approver validates that a Certificate Signing Request contains the organization system:wicd-nodes but does not reject additional organization values such as system:masters. A...
Important: Red Hat Security Advisory: OpenShift Virtualization v4.21 Images
Red Hat OpenShift Virtualization release v4.21 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...
Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.30 security, enhancement & bug fix update
Red Hat OpenShift Data Foundation 4.16.30 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.16.30 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-7345: RHODF 4.16.30 release DFBUGS-7105: Backport to 4.16.z CLONE - ODF Console is breaking DFBUGS-6743:...
Important: Red Hat Security Advisory: RHTAS 1.3.5 - Red Hat Trusted Artifact Signer Release
The 1.3.5 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...
Important: Red Hat Security Advisory: RHTAS 1.3.5 - Red Hat Trusted Artifact Signer Release
The 1.3.5 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...
CVE-2026-10843 Cloud-credential-operator: cco mint-mode credentialsrequest manifests grant account-wide iam access beyond cluster scope on aws
A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise...
CVE-2026-10840
A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group write access to Kueue and cert-manager custom resources via the tekton-scheduler-role ClusterRole. When Kueue or cert-manager CRDs are present on the...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.43 security and extras update
Red Hat OpenShift Container Platform release 4.18.43 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...
Critical: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.20.13 security, enhancement & bug fix update
Red Hat OpenShift Data Foundation 4.20.13 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.20.13 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-7039: RHODF 4.20.13 release NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.42 bug fix and security update
Red Hat OpenShift Container Platform release 4.18.42 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...
Astra Linux – Vulnerability in HAPProxy
A vulnerability related to uncontrolled resource consumption was discovered in HAProxy, which could cause the service to crash. This issue could allow an authenticated remote attacker to run a specially crafted malicious server within an OpenShift cluster. The most significant impact is related t...
Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.26 security, enhancement & bug fix update
Red Hat OpenShift Data Foundation 4.16.26 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.16.26 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-6193: Backport to odf-4.16.26 ocs-operator should not use image gcr.io/kubebuilder/kube-rbac-proxy...
Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.5.1
Logging for Red Hat OpenShift - 6.5.1 Red Hat OpenShift Logging 6.5.1 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs...