Red Hat Security Advisory: Red Hat Ceph Storage

CVE-2024-5642 — python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used CVE-2025-4598 — systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump CVE-2025-6069 — cpython: Python HTMLParser quadratic complexity CVE-2025-6075 — python: Quadratic complexity in os.path.expandvars() with user-controlled template CVE-2025-6965 — sqlite: Integer Truncation in SQLite CVE-2025-8291 — cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked CVE-2025-9230 — openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9714 — libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c CVE-2025-13601 — glib: Integer overflow in in g_escape_uri_string() CVE-2025-45582 — tar: Tar path traversal CVE-2025-59375 — firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-61984 — openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand CVE-2025-61985 — openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand CVE-2025-66418 — urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66471 — urllib3: urllib3 Streaming API improperly handles highly compressed data CVE-2025-68973 — GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write CVE-2026-21441 — urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)