RHSA-2026:10206HighCVSS 8.8

Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.19 security update.

Published
April 23, 2026
Last Modified
June 28, 2026

🔗 CVE IDs covered (4)

CVE-2026-33001CVE-2024-29371CVE-2026-27099 · pendingCVE-2026-27100 · pending

📋 Description

CVE-2024-29371 — jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression CVE-2026-27099 — org.jenkins-ci.main/jenkins-core: Jenkins: Stored Cross-site Scripting (XSS) via unescaped user-provided offline cause description CVE-2026-27100 — org.jenkins-ci.main/jenkins-core: Jenkins: Information disclosure via unauthorized access to build parameters CVE-2026-33001 — jenkins: Jenkins: Arbitrary file write and potential code execution through crafted archives

🔗 References (9)