RHSA-2025:2223HighCVSS 8.0

Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update

Published
March 4, 2025
Last Modified
June 15, 2026

🔗 CVE IDs covered (6)

📋 Description

CVE-2024-45339 — github.com/golang/glog: Vulnerability when creating log files in github.com/golang/glog CVE-2024-47072 — com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream CVE-2024-47855 — json-lib: Mishandling of an unbalanced comment string in json-lib CVE-2024-52549 — jenkins-plugin/script-security: Jenkins Script Security Plugin File Disclosure Vulnerability CVE-2024-52550 — jenkins-plugin/workflow-cps: Lack of Approval Check for Rebuilt Jenkins Pipelines CVE-2024-52551 — jenkins-plugin/pipeline-model-definition: Jenkins Pipeline Declarative Plugin Allows Restart of Builds with Unapproved Jenkinsfile

🔗 References (8)