RHSA-2026:34766HighCVSS 8.6
Red Hat Security Advisory: OpenShift Container Platform 4.19.37 bug fix and security update
🔗 CVE IDs covered (5)
📋 Description
CVE-2026-6322 — fast-uri: fast-uri: URI authority bypass due to improper delimiter handling CVE-2026-35469 — Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code CVE-2026-44486 — axios: Axios: Information disclosure of proxy credentials via HTTP redirects CVE-2026-44492 — axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization CVE-2026-44496 — axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name
🔗 References (8)
- selfhttps://access.redhat.com/errata/RHSA-2026:34766
- externalhttps://access.redhat.com/security/cve/CVE-2026-35469
- externalhttps://access.redhat.com/security/cve/CVE-2026-44486
- externalhttps://access.redhat.com/security/cve/CVE-2026-44492
- externalhttps://access.redhat.com/security/cve/CVE-2026-44496
- externalhttps://access.redhat.com/security/cve/CVE-2026-6322
- externalhttps://access.redhat.com/security/updates/classification/
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_34766.json