RHSA-2025:23060HighCVSS 7.5
Red Hat Security Advisory: Red Hat Quay 3.12
🔗 CVE IDs covered (4)
📋 Description
CVE-2024-34156 — encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2025-47913 — golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS CVE-2025-59420 — authlib: Authlib RFC violation CVE-2025-61920 — authlib: Authlib Denial of Service
🔗 References (7)
- selfhttps://access.redhat.com/errata/RHSA-2025:23060
- externalhttps://access.redhat.com/security/cve/CVE-2024-34156
- externalhttps://access.redhat.com/security/cve/CVE-2025-47913
- externalhttps://access.redhat.com/security/cve/CVE-2025-59420
- externalhttps://access.redhat.com/security/cve/CVE-2025-61920
- externalhttps://access.redhat.com/security/updates/classification/
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23060.json