RHSA-2026:7249HighCVSS 8.2
Red Hat Security Advisory: OpenShift Container Platform 4.19.28 bug fix and security update
🔗 CVE IDs covered (4)
📋 Description
CVE-2025-61726 — golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61728 — golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip CVE-2026-25639 — axios: Axios affected by Denial of Service via proto Key in mergeConfig CVE-2026-27959 — koa: Koa: Host header injection vulnerability due to malformed HTTP Host header parsing
🔗 References (7)
- selfhttps://access.redhat.com/errata/RHSA-2026:7249
- externalhttps://access.redhat.com/security/cve/CVE-2025-61726
- externalhttps://access.redhat.com/security/cve/CVE-2025-61728
- externalhttps://access.redhat.com/security/cve/CVE-2026-25639
- externalhttps://access.redhat.com/security/cve/CVE-2026-27959
- externalhttps://access.redhat.com/security/updates/classification/
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7249.json