Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.42 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.42 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

RHCOS 3 : OpenShift Container Platform 3.11 jenkins (RHSA-2019:3144)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:3144 advisory. - jenkins: stored cross-site scripting in update center web pages SECURITY-1453 CVE-2019-10383 - jenkins: CSRF protection tokens for...

RHCOS 4 : OpenShift Container Platform 4.2.36 cri-o (RHSA-2020:2776)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2776 advisory. - cri-o: infra container reparented to systemd following OOM Killer killing it's conmon CVE-2019-14891 Note that Nessus has not tested for th...

RHCOS 4 : OpenShift Container Platform 4.5.40 (RHSA-2021:2057)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2057 advisory. - runc: vulnerable to symlink exchange attack CVE-2021-30465 Note that Nessus has not tested for this issue but has instead relied only on th...

RHCOS 4 : OpenShift Container Platform 4.3.10 openshift (RHSA-2020:1276)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1276 advisory. - kubernetes: crafted requests to kubelet API allow for memory exhaustion CVE-2020-8551 Note that Nessus has not tested for this issue but ha...

RHCOS 4 : OpenShift Container Platform 4.8.9 (RHSA-2021:3248)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3248 advisory. - golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header CVE-2021-31525 - golang: net: lookup...

RHCOS 3 : OpenShift Container Platform 3.11.524 (RHSA-2021:3646)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3646 advisory. - kubernetes: Symlink exchange can allow host filesystem access CVE-2021-25741 Note that Nessus has not tested for this issue but has instead...

RHCOS 4 : OpenShift Container Platform 4.10.33 (RHSA-2022:6531)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6531 advisory. - jenkins-plugin/junit: Stored XSS vulnerability in JUnit Plugin CVE-2022-34176 - jenkins-plugin: Arbitrary file write vulnerability...

RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2018:3537)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3537 advisory. - kibana: Cross-site scripting via the source field formatter CVE-2018-3830 - nodejs: Out of bounds OOB write via UCS-2 encoding...

RHCOS 3 : OpenShift Container Platform 3.8 (RHSA-2018:3551)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3551 advisory. - kubernetes: authentication/authorization bypass in the handling of non-101 responses CVE-2018-1002105 Note that Nessus has not tested for...

RHCOS 4 : OpenShift Container Platform 4.17.52 (RHSA-2026:5866)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5866 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 - crypto/x509: golang: Denial of Service due ...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.52 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.52 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

RHEL 8 / 9 : OpenShift Container Platform 4.17.49 (RHSA-2026:2670)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2670 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...

Important: Red Hat Security Advisory: RHTAS 1.2.2 - Red Hat Trusted Artifact Signer Release

The 1.2.2 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.2 The RHTAS Operator can be used with OpenShift Container Platform 4.15, 4.16, 4.17, 4.18...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.49 security and extras update

Red Hat OpenShift Container Platform release 4.17.49 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a security impact of...

Moderate: Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.10.1

Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.10.1 General Availability release, with updates to container images. Assisted Installer RHEL 9 integrates components for the general multicluster engine for Kubernetes 2.10.1 release that simplify the process of...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.20.11 bug fix and security update

Red Hat OpenShift Container Platform release 4.20.11 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a...

Important: Red Hat Security Advisory: multicluster engine for Kubernetes 2.9.1 security update

The multicluster engine for Kubernetes 2.9 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.9 images The multicluster engine for Kubernetes provides the foundational components that are...

json-smart: uncaught exception may lead to crash or information disclosure

A flaw was found in json-smart. When an exception is thrown from a function, but is not caught, the program using the library may crash or expose sensitive information. The highest threat from this vulnerability is to data confidentiality and system availability. In OpenShift Container Platform...

Red Hat OpenShift Container Platform安全漏洞

Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat, Inc. that enables organizations to develop, deploy and manage existing container-based applications across physical, virtual and public cloud infrastructures. A security vulnerability exists in Red Hat OpenShif...