RHSA-2025:23225CriticalCVSS 10.0
Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.25.0 Release.
🔗 CVE IDs covered (7)
📋 Description
CVE-2024-4067 — micromatch: vulnerable to Regular Expression Denial of Service CVE-2025-55247 — dotnet: .NET Denial of Service Vulnerability CVE-2025-55248 — dotnet: .NET Information Disclosure Vulnerability CVE-2025-55315 — dotnet: .NET Security Feature Bypass Vulnerability CVE-2025-55752 — tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE CVE-2025-61927 — happy-dom: Happy-DOM VM Context Escape CVE-2025-66516 — tika-core: tika-parsers: tika-parser-pdf-module: Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected
🔗 References (11)
- selfhttps://access.redhat.com/errata/RHSA-2025:23225
- externalhttps://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.25/html/administration_guide/installing-devspaces
- externalhttps://access.redhat.com/security/cve/CVE-2024-4067
- externalhttps://access.redhat.com/security/cve/CVE-2025-55247
- externalhttps://access.redhat.com/security/cve/CVE-2025-55248
- externalhttps://access.redhat.com/security/cve/CVE-2025-55315
- externalhttps://access.redhat.com/security/cve/CVE-2025-55752
- externalhttps://access.redhat.com/security/cve/CVE-2025-61927
- externalhttps://access.redhat.com/security/cve/CVE-2025-66516
- externalhttps://access.redhat.com/security/updates/classification/
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23225.json