RHSA-2026:24471HighCVSS 7.5

Red Hat Security Advisory: RHTAS 1.3.5 - Red Hat Trusted Artifact Signer Release

Published
June 8, 2026
Last Modified
July 6, 2026

🔗 CVE IDs covered (4)

📋 Description

CVE-2025-62718 — axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization CVE-2026-34986 — github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object CVE-2026-42035 — axios: Axios: Arbitrary HTTP header injection via prototype pollution CVE-2026-42044 — axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget

🔗 References (9)