RHSA-2025:14059 | High | CVSS 8.3
Red Hat Security Advisory: OpenShift Container Platform 4.17.38 bug fix and security update
🔗 CVE IDs covered (6)
📋 Description
- CVE-2025-6021 — libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2
- CVE-2025-7425 — libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
- CVE-2025-32414 — libxml2: Out-of-Bounds Read in libxml2
- CVE-2025-32415 — libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables
- CVE-2025-48384 — git: Git arbitrary code execution
- CVE-2025-48385 — git: Git arbitrary file writes
🔗 References (10)
- self: https://access.redhat.com/errata/RHSA-2025:14059
- external: https://access.redhat.com/security/updates/classification/#important
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2358121
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2360768
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2372406
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2378806
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2378808
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2379274
- external: https://issues.redhat.com/browse/OCPBUGS-54599
- self: https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_14059.json