What is RHSA-2025:10853?

RHSA-2025:10853 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.19.0

Which CVE IDs does RHSA-2025:10853 cover?

RHSA-2025:10853 covers the following CVE IDs: CVE-2024-11831, CVE-2024-21536, CVE-2024-48949. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2025:10853?

RHSA-2025:10853 has a CVSS v3 base score of 8.2, published by Red Hat Product Security.

RHSA-2025:10853HighCVSS 8.2

Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.19.0

Vendor

Red Hat Product Security

Published

July 14, 2025

Last Modified

June 2, 2026

🔗 CVE IDs covered (3)

CVE-2024-11831 →CVE-2024-21536 →CVE-2024-48949 →

📋 Description

CVE-2024-11831 — npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript CVE-2024-21536 — http-proxy-middleware: Denial of Service CVE-2024-48949 — elliptic: Missing Validation in Elliptic's EDDSA Signature Verification

🔗 References (7)

selfhttps://access.redhat.com/errata/RHSA-2025:10853
externalhttps://docs.redhat.com/en/documentation/red_hat_openshift_pipelines
externalhttps://access.redhat.com/security/updates/classification/
externalhttps://access.redhat.com/security/cve/cve-2024-21536
externalhttps://access.redhat.com/security/cve/cve-2024-11831
externalhttps://access.redhat.com/security/cve/cve-2024-48949
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10853.json