RHSA-2026:28573HighCVSS 8.1

Red Hat Security Advisory: Red Hat Offline Knowledge Portal security and content update

Published
June 23, 2026
Last Modified
July 7, 2026

🔗 CVE IDs covered (5)

📋 Description

CVE-2026-5795 — org.eclipse.jetty.ee10/jetty-ee10: early return from the JASPIAuthenticator class without clearing ThreadLocal variables CVE-2026-44249 — netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation CVE-2026-45292 — opentelemetry-java: opentelemetry-api: opentelemetry-extension-trace-propagators: OpenTelemetry Java: Denial of Service due to unbounded memory allocation when parsing oversized baggage CVE-2026-45416 — netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake CVE-2026-50010 — netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

🔗 References (10)