What is RHSA-2025:22759?

RHSA-2025:22759 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: RHOAI 2.22.3 - Red Hat OpenShift AI

What is the CVSS v3 score of RHSA-2025:22759?

RHSA-2025:22759 has a CVSS v3 base score of 8.6, published by Red Hat Product Security.

RHSA-2025:22759HighCVSS 8.6

Red Hat Security Advisory: RHOAI 2.22.3 - Red Hat OpenShift AI

Vendor

Red Hat Product Security

Published

December 4, 2025

Last Modified

June 1, 2026

🔗 CVE IDs covered (8)

CVE-2025-9905 →CVE-2025-12060 →CVE-2025-47907 →CVE-2025-53643 →CVE-2025-58183 →CVE-2025-58754 →CVE-2025-62156 →CVE-2025-62727 →

📋 Description

CVE-2025-9905 — keras: Arbitary Code execution in Keras load_model() CVE-2025-12060 — keras: Keras Path Traversal Vulnerability CVE-2025-47907 — database/sql: Postgres Scan Race Condition CVE-2025-53643 — aiohttp: AIOHTTP HTTP Request/Response Smuggling CVE-2025-58183 — golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58754 — axios: Axios DoS via lack of data size check CVE-2025-62156 — github.com/argoproj/argo-workflows: Argo Workflows Zip Slip CVE-2025-62727 — starlette: Starlette DoS via Range header merging

🔗 References (12)

selfhttps://access.redhat.com/errata/RHSA-2025:22759
externalhttps://access.redhat.com/security/cve/CVE-2025-12060
externalhttps://access.redhat.com/security/cve/CVE-2025-47907
externalhttps://access.redhat.com/security/cve/CVE-2025-53643
externalhttps://access.redhat.com/security/cve/CVE-2025-58183
externalhttps://access.redhat.com/security/cve/CVE-2025-58754
externalhttps://access.redhat.com/security/cve/CVE-2025-62156
externalhttps://access.redhat.com/security/cve/CVE-2025-62727
externalhttps://access.redhat.com/security/cve/CVE-2025-9905
externalhttps://access.redhat.com/security/updates/classification/
externalhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22759.json