RHSA-2026:5807 | High | CVSS 8.7

Red Hat Security Advisory: RHOAI 2.16.4 - Red Hat OpenShift AI

Published: March 25, 2026
Last Modified: June 3, 2026

🔗 CVE IDs covered (19)

📋 Description

- CVE-2024-25621 — github.com/containerd/containerd: containerd local privilege escalation
- CVE-2025-6193 — trustyai-explainability: command injection via LMEvalJob CR
- CVE-2025-12060 — keras: Keras Path Traversal Vulnerability
- CVE-2025-12638 — keras: Path Traversal Vulnerability in keras
- CVE-2025-12816 — node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications
- CVE-2025-61726 — golang: net/url: Memory exhaustion in query parameter parsing in net/url
- CVE-2025-61729 — crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
- CVE-2025-66031 — node-forge: node-forge ASN.1 Unbounded Recursion
- CVE-2025-66418 — urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion
- CVE-2025-66626 — github.com/argoproj/argo-workflows: argoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic links
- CVE-2025-68156 — github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation
- CVE-2025-69873 — ajv: ReDoS via $data reference
- CVE-2026-1526 — undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression
- CVE-2026-1528 — undici: undici: Denial of Service via crafted WebSocket frame with large length
- CVE-2026-2229 — undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter
- CVE-2026-25223 — Fastify: Fastify: Validation bypass due to malformed Content-Type header leading to integrity impact
- CVE-2026-25639 — axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig
- CVE-2026-29074 — svgo: SVGO: Denial of Service via XML entity expansion
- CVE-2026-32141 — flatted: flatted: Unbounded recursion DoS in parse() revive phase

🔗 References (23)