RHSA-2025:15847 | High | CVSS 8.3

Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.23.0 Release.

Published: September 15, 2025
Last Modified: May 29, 2026

🔗 CVE IDs covered (12)

📋 Description

- CVE-2024-10005 — hashicorp/consul: consul: Consul L7 Intentions Vulnerable To URL Path Bypass
- CVE-2024-10006 — hashicorp/consul: consul: Consul L7 Intentions Vulnerable To Headers Bypass
- CVE-2024-22189 — quic-go: memory exhaustion attack against QUIC's connection ID mechanism
- CVE-2024-24789 — golang: archive/zip: Incorrect handling of certain ZIP files
- CVE-2024-28869 — traefik: denial of service
- CVE-2024-39321 — traefik: Bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes
- CVE-2024-45338 — golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html
- CVE-2025-9287 — cipher-base: Cipher-base hash manipulation
- CVE-2025-9288 — sha.js: Missing type checks leading to hash rewind and passing on crafted data
- CVE-2025-48385 — git: Git arbitrary file writes
- CVE-2025-48387 — tar-fs: tar-fs has issue where extract can write outside the specified dir with a specific tarball
- CVE-2025-52999 — com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

🔗 References (16)