RHSA-2025:7626HighCVSS 9.1

Red Hat Security Advisory: Red Hat Developer Hub 1.6.0 release.

Published
May 14, 2025
Last Modified
June 28, 2026

🔗 CVE IDs covered (4)

📋 Description

CVE-2024-12905 — tar-fs: link following and path traversal via maliciously crafted tar file CVE-2024-21534 — jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization CVE-2025-26791 — dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling CVE-2025-29775 — xml-crypto: xml-crypto Vulnerable to XML Signature Verification Bypass via DigestValue Comment

🔗 References (10)