RHSA-2026:2769HighCVSS 7.5

Red Hat Security Advisory: Red Hat Ceph Storage 7.1 security and bug fix updates

Published
February 17, 2026
Last Modified
May 27, 2026

🔗 CVE IDs covered (11)

CVE-2022-34749CVE-2024-31884 · pendingCVE-2024-51744CVE-2024-55565CVE-2025-26791 · pendingCVE-2025-47913 · pendingCVE-2025-61729 · pendingCVE-2021-23358CVE-2024-11831CVE-2024-47866 · pendingCVE-2025-52555

📋 Description

CVE-2021-23358 — nodejs-underscore: Arbitrary code execution via the template function CVE-2022-34749 — mistune: catastrophic backtracking CVE-2024-11831 — npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript CVE-2024-31884 — pybind: Improper use of Pybind CVE-2024-47866 — rgw: RGW DoS attack with empty HTTP header in S3 object copy CVE-2024-51744 — golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt CVE-2024-55565 — nanoid: nanoid mishandles non-integer values CVE-2025-26791 — dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling CVE-2025-47913 — golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS CVE-2025-52555 — ceph: privilege escalation by unprivileged users in a ceph-fuse mounted CephFS CVE-2025-61729 — crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

🔗 References (28)