What is RHSA-2026:3827?

RHSA-2026:3827 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.20.3

Which CVE IDs does RHSA-2026:3827 cover?

RHSA-2026:3827 covers the following CVE IDs: CVE-2025-66506, CVE-2025-66564, CVE-2025-11621, CVE-2025-12044, CVE-2025-47913, CVE-2025-61729. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2026:3827?

RHSA-2026:3827 has a CVSS v3 base score of 8.1, published by Red Hat Product Security.

RHSA-2026:3827HighCVSS 8.1

Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.20.3

Vendor

Red Hat Product Security

Published

March 5, 2026

Last Modified

June 3, 2026

🔗 CVE IDs covered (6)

CVE-2025-66506 →CVE-2025-66564 →CVE-2025-11621 →CVE-2025-12044 →CVE-2025-47913 →CVE-2025-61729 →

📋 Description

CVE-2025-11621 — github.com/hashicorp/vault: Vault AWS auth method bypass due to AWS client cache CVE-2025-12044 — github.com/hashicorp/vault: Vault Vulnerable to Denial of Service Due to Rate Limit Regression CVE-2025-47913 — golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS CVE-2025-61729 — crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-66506 — github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token CVE-2025-66564 — github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing

🔗 CVE IDs covered (6)

📋 Description

🔗 References (10)