What is RHSA-2026:1017?

RHSA-2026:1017 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.3 security update

Which CVE IDs does RHSA-2026:1017 cover?

RHSA-2026:1017 covers the following CVE IDs: CVE-2025-13888, CVE-2025-47913, CVE-2025-55190, CVE-2025-58183, CVE-2025-61729, CVE-2025-68156. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2026:1017?

RHSA-2026:1017 has a CVSS v3 base score of 9.1, published by Red Hat Product Security.

RHSA-2026:1017HighCVSS 9.1

Red Hat Security Advisory: Red Hat OpenShift GitOps v1.18.3 security update

Vendor

Red Hat Product Security

Published

January 22, 2026

Last Modified

June 3, 2026

🔗 CVE IDs covered (6)

CVE-2025-13888 →CVE-2025-47913 →CVE-2025-55190 →CVE-2025-58183 →CVE-2025-61729 →CVE-2025-68156 →

📋 Description

CVE-2025-13888 — openshift-gitops-operator: OpenShift GitOps: Namespace Admin Cluster Takeover via Privileged Jobs CVE-2025-47913 — golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS CVE-2025-55190 — github.com/argoproj/argo-cd: Project API Token Exposes Repository Credentials CVE-2025-58183 — golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-61729 — crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-68156 — github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation

🔗 CVE IDs covered (6)

📋 Description

🔗 References (10)