RHSA-2025:19094HighCVSS 8.8

Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.24.0 Release.

Published
October 23, 2025
Last Modified
July 2, 2026

🔗 CVE IDs covered (9)

📋 Description

CVE-2021-35065 — glob-parent: Regular Expression Denial of Service CVE-2022-3517 — nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-25883 — nodejs-semver: Regular expression denial of service CVE-2022-46175 — json5: Prototype Pollution in JSON5 via Parse Method CVE-2025-9566 — podman: Podman kube play command may overwrite host files CVE-2025-41248 — org.springframework.security/spring-security-core: Spring Security authorization bypass CVE-2025-41249 — org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability CVE-2025-55163 — netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability CVE-2025-59343 — tar-fs: tar-fs symlink validation bypass

🔗 References (13)