Ocp-Tools-4 Jenkins-Rhel9 vulnerabilities
13 known vulnerabilities affecting ocp-tools-4/jenkins-rhel9.
Total CVEs: 13
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 3, MEDIUM 6, LOW 1
Vulnerabilities
CVE-2026-41635 | CRITICAL | CVSS 9.8 | 2026-04-27
CWE-502 Apache MINA: Arbitrary code execution via classname allowlist bypass
A flaw was found in Apache MINA. A remote attacker could exploit a vulnerability in the `AbstractIoBuffer.resolveClass()` method, which failed to properly validate class names for static classes or primitive types. This bypasses the intended security control, known as a classname allowlist, allowing
Source: redhat

CVE-2026-32952 | MEDIUM | CVSS 5.3 | 2026-04-24
CWE-190 go-ntlmssp: Denial of Service via malicious NTLM challenge
A flaw was found in the `go-ntlmssp` package. A remote attacker could exploit this vulnerability by sending a specially crafted NTLM (NT LAN Manager) challenge message. This malicious message can trigger a slice out of bounds panic, leading to a Denial of Service (DoS) by crashing any Go process that utilizes `ntlmssp.Negot
Source: redhat

CVE-2026-22753 | HIGH | CVSS 7.5 | 2026-04-22
CWE-551 Spring Security: Security bypass due to incorrect servlet path matching
A flaw was found in Spring Security. When an application uses specific configurations involving `securityMatchers(String)` and `PathPatternRequestMatcher.Builder` to handle servlet paths, the intended security controls may not be applied. This can result in a security bypass, where authenti
Source: redhat

CVE-2026-22754 | HIGH | CVSS 7.5 | 2026-04-22
CWE-551 Spring Security: Authorization bypass due to incorrect servlet path matching
A flaw was found in Spring Security. When an application uses `` to define authorization rules, the servlet path may not be correctly included in the path matcher. This oversight can lead to an authorization bypass, allowing a remote attacker to access protected resources without
Source: redhat

CVE-2026-22747 | MEDIUM | CVSS 6.8 | 2026-04-22
CWE-295 Spring Security: User impersonation via malformed X.509 certificate Common Name (CN) values
A flaw was found in Spring Security. This vulnerability allows a remote attacker to impersonate another user. The SubjectX500PrincipalExtractor component incorrectly handles certain malformed X.509 certificate Common Name (CN) values, which can lead
Source: redhat

CVE-2026-22748 | MEDIUM | CVSS 5.3 | 2026-04-22
CWE-347 Spring Security: Integrity impact due to improper JSON Web Token (JWT) validation
A flaw was found in Spring Security. When an application is configured to decode JSON Web Tokens (JWTs) using `NimbusJwtDecoder` or `NimbusReactiveJwtDecoder`, it may not properly validate these tokens if an `OAuth2TokenValidator` is not explicitly configured. This ove
Source: redhat

CVE-2026-22746 | LOW | CVSS 3.7 | 2026-04-22
CWE-208 Spring Security: Timing attack defense bypass allows information disclosure
A flaw was found in Spring Security. If an application uses the UserDetails#isEnabled, #isAccountNonExpired, or #isAccountNonLocked user attributes, an attacker can bypass the DaoAuthenticationProvider's timing attack defense. This bypass allows an attacker to potentially gain limite
Source: redhat

CVE-2026-22751 | MEDIUM | CVSS 4.8 | 2026-04-21
CWE-367 Spring Security: JdbcOneTimeTokenService: Authentication bypass due to race condition in One-Time Token login
A flaw was found in Spring Security, specifically in applications configured for One-Time Token login using JdbcOneTimeTokenService. This vulnerability is due to a Time-of-check Time-of-use (TOCTOU) race condition
Source: redhat

CVE-2025-14813 | CRITICAL | CVSS 9.3 | 2026-04-15
CWE-327 bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly
A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `GOSTCTR` implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected b
Source: redhat

CVE-2026-5598 | CRITICAL | CVSS 10.0 | 2026-04-15
CWE-385 bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons
A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA core. A covert timing channel vulnerability, caused by non-constant time comparisons, risks the leakage of private keys in the FrodoKEM implementation. An unauthenticated, remote attacker can potentially exploit this timing discrepancy to gain unautho
Source: redhat

CVE-2026-3505 | HIGH | CVSS 8.7 | 2026-04-15
CWE-770 bouncycastle: BC-JAVA: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion
Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules). This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java, Opera
Source: redhat

CVE-2026-5588 | MEDIUM | CVSS 6.3 | 2026-04-15
CWE-347 bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules), Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All (pkix modules). This vulnerability is associated with program files JcaContentVerifi
Source: redhat

CVE-2026-0636 | MEDIUM | CVSS 5.5 | 2026-04-15
CWE-90 bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java
A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `LDAPStoreHelper` implementation fails to properly neutralize special elements in user-supplied input before incorporating them into LDAP queries. This allows a remote attacker to execute an LDAP injection attack by supplying crafted input, pot
Source: redhat