Redhat Openshift Container Platform vulnerabilities

CVE-2026-4647 [MEDIUM] CWE-125 CVE-2026-4647: A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause the program to read memory outside of intended bounds.

CVE-2026-3441 [MEDIUM] CWE-125 CVE-2026-3441: A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this flaw, potentially leading to information disclosure or an

CVE-2026-3442 [MEDIUM] CWE-125 CVE-2026-3442: A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may lead to the disclosure of sensitive information or cause t

CVE-2025-12801 [MEDIUM] CWE-279 CVE-2025-12801: A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exported directory, regardless of the set file permissions, a

CVE-2025-13601 [HIGH] CWE-190 CVE-2025-13601: A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer si A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off t

CVE-2025-8283 [LOW] CWE-15 CVE-2025-8283: A vulnerability was found in the netavark package, a network stack for containers used with Podman. A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be used as the hostname for the container itself, as the podman's

CVE-2025-7519 [MEDIUM] CWE-787 CVE-2025-7519: A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy f

CVE-2025-7424 [HIGH] CWE-843 CVE-2025-7424: A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet an A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.

CVE-2025-32990 [MEDIUM] CWE-122 CVE-2025-32990: A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing lo A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash t

CVE-2025-32988 [MEDIUM] CWE-415 CVE-2025-32988: A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition wh

CVE-2025-32989 [MEDIUM] CWE-295 CVE-2025-32989: A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transpare A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This iss

CVE-2025-5372 [MEDIUM] CWE-682 CVE-2025-5372: A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fai

CVE-2025-5351 [MEDIUM] CWE-415 CVE-2025-5351: A flaw was found in the key export functionality of libssh. The issue occurs in the internal functio A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition m

CVE-2025-5318 [HIGH] CWE-125 CVE-2025-5318: A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be tr A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authentica

CVE-2025-6170 [LOW] CWE-121 CVE-2025-6170: A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML fil A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.

CVE-2025-6021 [HIGH] CWE-787 CVE-2025-6021: A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calcula A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

CVE-2025-5914 [HIGH] CWE-190 CVE-2025-5914: A vulnerability has been identified in the libarchive library, specifically within the archive_read_ A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a

CVE-2025-5918 [LOW] CWE-125 CVE-2025-5918: A vulnerability has been identified in the libarchive library. This flaw can be triggered when file A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.

CVE-2025-5916 [LOW] CWE-190 CVE-2025-5916: A vulnerability has been identified in the libarchive library. This flaw involves an integer overflo A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, me

CVE-2025-5917 [LOW] CWE-787 CVE-2025-5917: A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' mi A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances