RHSA-2025:10992HighCVSS 7.3
Red Hat Security Advisory: Red Hat Developer Hub 1.5.3 release.
🔗 CVE IDs covered (2)
📋 Description
CVE-2025-47273 — setuptools: Path Traversal Vulnerability in setuptools PackageIndex CVE-2025-48387 — tar-fs: tar-fs has issue where extract can write outside the specified dir with a specific tarball
🔗 References (10)
- selfhttps://access.redhat.com/errata/RHSA-2025:10992
- externalhttps://access.redhat.com/security/cve/CVE-2025-47273
- externalhttps://access.redhat.com/security/cve/CVE-2025-48387
- externalhttps://access.redhat.com/security/updates/classification/
- externalhttps://catalog.redhat.com/search?gs&searchType=containers&q=rhdh
- externalhttps://developers.redhat.com/rhdh/overview
- externalhttps://docs.redhat.com/en/documentation/red_hat_developer_hub
- externalhttps://issues.redhat.com/browse/RHIDP-7702
- externalhttps://issues.redhat.com/browse/RHIDP-7793
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10992.json