Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.36.0 security update & enhancements
🔗 CVE IDs covered (16)
📋 Description
- CVE-2024-12718 — cpython: python: Bypass extraction filter to modify file metadata outside extraction directory
- CVE-2025-4138 — cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory
- CVE-2025-4517 — python: cpython: Arbitrary writes via tarfile realpath overflow
- CVE-2025-5914 — libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c
- CVE-2025-6020 — linux-pam: Linux-pam directory Traversal
- CVE-2025-6965 — sqlite: Integer Truncation in SQLite
- CVE-2025-7425 — libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
- CVE-2025-8941 — linux-pam: Incomplete fix for CVE-2025-6020
- CVE-2025-30749 — openjdk: Better Glyph drawing (Oracle CPU 2025-07)
- CVE-2025-40778 — bind: Cache poisoning attacks with unsolicited RRs
- CVE-2025-49794 — libxml: Heap use after free (UAF) leads to Denial of service (DoS)
- CVE-2025-49796 — libxml: Type confusion leads to Denial of service (DoS)
- CVE-2025-50059 — openjdk: Improve HTTP client header handling (Oracle CPU 2025-07)
- CVE-2025-50106 — openjdk: Glyph out-of-memory access and crash (Oracle CPU 2025-07)
- CVE-2025-58060 — cups: Authentication Bypass in CUPS Authorization Handling
- CVE-2025-59375 — firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing
🔗 References (19)
- self: https://access.redhat.com/errata/RHSA-2026:0934
- external: https://access.redhat.com/security/updates/classification/#important
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2370013
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2370016
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2370861
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2372373
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2372385
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2372426
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2372512
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2376783
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2376785
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2379031
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2379274
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2380149
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2388220
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2392595
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2395108
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2405827
- self: https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0934.json