RHSA-2025:21704 (High, CVSS 7.5)
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.20 security, enhancement & bug fix update
🔗 CVE IDs covered (7)
📋 Description
- CVE-2022-0155 — follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor
- CVE-2022-0536 — follow-redirects: Exposure of Sensitive Information via Authorization Header leak
- CVE-2024-45338 — golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html
- CVE-2025-5889 — brace-expansion: juliangruber brace-expansion index.js expand redos
- CVE-2025-7339 — on-headers: on-headers vulnerable to http response header manipulation
- CVE-2025-7783 — form-data: Unsafe random function in form-data
- CVE-2025-22869 — golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh
🔗 References (11)
- self: https://access.redhat.com/errata/RHSA-2025:21704
- external: https://access.redhat.com/security/cve/CVE-2022-0155
- external: https://access.redhat.com/security/cve/CVE-2022-0536
- external: https://access.redhat.com/security/cve/CVE-2024-45338
- external: https://access.redhat.com/security/cve/CVE-2025-22869
- external: https://access.redhat.com/security/cve/CVE-2025-5889
- external: https://access.redhat.com/security/cve/CVE-2025-7339
- external: https://access.redhat.com/security/cve/CVE-2025-7783
- external: https://access.redhat.com/security/updates/classification/
- external: https://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/
- self: https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_21704.json