Red Hat Security Advisory: Red Hat Ceph Storage
🔗 CVE IDs covered (7)
📋 Description
CVE-2025-13033 — nodemailer: Nodemailer: Email to an unintended domain can occur due to Interpretation Conflict CVE-2025-47914 — golang.org/x/crypto/ssh/agent: SSH Agent servers: Denial of Service due to malformed messages CVE-2025-58181 — golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via unbounded memory consumption in GSSAPI authentication CVE-2025-61729 — crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-64718 — js-yaml: js-yaml prototype pollution in merge CVE-2025-64756 — glob: glob: Command Injection Vulnerability via Malicious Filenames CVE-2025-68156 — github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation
🔗 References (11)
- selfhttps://access.redhat.com/errata/RHSA-2026:15979
- externalhttps://access.redhat.com/security/cve/CVE-2025-13033
- externalhttps://access.redhat.com/security/cve/CVE-2025-47914
- externalhttps://access.redhat.com/security/cve/CVE-2025-58181
- externalhttps://access.redhat.com/security/cve/CVE-2025-61729
- externalhttps://access.redhat.com/security/cve/CVE-2025-64718
- externalhttps://access.redhat.com/security/cve/CVE-2025-64756
- externalhttps://access.redhat.com/security/cve/CVE-2025-68156
- externalhttps://access.redhat.com/security/updates/classification/
- externalhttps://docs.redhat.com/en/documentation/red_hat_ceph_storage/
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_15979.json