rhsa-2025:8303
Vulnerability from csaf_redhat
Published
2025-06-05 09:36
Modified
2025-07-24 18:09
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.12.77 bug fix and security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.12.77 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.12.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.77. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHBA-2025:8304
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes
Security Fix(es):
* libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)
(CVE-2024-55549)
* libxslt: Use-After-Free in libxslt numbers.c (CVE-2025-24855)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.12.77 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.12.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.12.77. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHBA-2025:8304\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\n https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nSecurity Fix(es):\n\n* libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)\n(CVE-2024-55549)\n* libxslt: Use-After-Free in libxslt numbers.c (CVE-2025-24855)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8303",
"url": "https://access.redhat.com/errata/RHSA-2025:8303"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2352483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2352483"
},
{
"category": "external",
"summary": "2352484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2352484"
},
{
"category": "external",
"summary": "OCPBUGS-37799",
"url": "https://issues.redhat.com/browse/OCPBUGS-37799"
},
{
"category": "external",
"summary": "OCPBUGS-54772",
"url": "https://issues.redhat.com/browse/OCPBUGS-54772"
},
{
"category": "external",
"summary": "OCPBUGS-55035",
"url": "https://issues.redhat.com/browse/OCPBUGS-55035"
},
{
"category": "external",
"summary": "OCPBUGS-55951",
"url": "https://issues.redhat.com/browse/OCPBUGS-55951"
},
{
"category": "external",
"summary": "OCPBUGS-56130",
"url": "https://issues.redhat.com/browse/OCPBUGS-56130"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8303.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.12.77 bug fix and security update",
"tracking": {
"current_release_date": "2025-07-24T18:09:25+00:00",
"generator": {
"date": "2025-07-24T18:09:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.4"
}
},
"id": "RHSA-2025:8303",
"initial_release_date": "2025-06-05T09:36:03+00:00",
"revision_history": [
{
"date": "2025-06-05T09:36:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-06-05T09:36:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-07-24T18:09:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.12::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.12::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d_amd64",
"product": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d_amd64",
"product_id": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-etcd-rhel8-operator\u0026tag=v4.12.0-202505051902.p0.g50c4daa.assembly.stream.el8"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca_amd64",
"product": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca_amd64",
"product_id": "openshift4/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-node-tuning-operator\u0026tag=v4.12.0-202505150328.p0.g20966da.assembly.stream.el8"
}
}
},
{
"category": "product_version",
"name": "openshift4/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996_amd64",
"product": {
"name": "openshift4/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996_amd64",
"product_id": "openshift4/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996_amd64",
"product_identification_helper": {
"purl": "pkg:oci/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/driver-toolkit-rhel8\u0026tag=v4.12.0-202505221659.p0.g6e5c04c.assembly.stream.el8"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f_amd64",
"product": {
"name": "openshift4/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f_amd64",
"product_id": "openshift4/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ironic-agent-rhel9\u0026tag=v4.12.0-202505270132.p0.gfc37dec.assembly.stream.el9"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760_amd64",
"product": {
"name": "openshift4/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760_amd64",
"product_id": "openshift4/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ironic-rhel9\u0026tag=v4.12.0-202505270132.p0.g2869b1e.assembly.stream.el9"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843_amd64",
"product": {
"name": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843_amd64",
"product_id": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ironic-machine-os-downloader-rhel9\u0026tag=v4.12.0-202505270132.p0.gc65c1f1.assembly.stream.el9"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de_amd64",
"product": {
"name": "openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de_amd64",
"product_id": "openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ironic-static-ip-manager-rhel9\u0026tag=v4.12.0-202505270132.p0.ga8ade8f.assembly.stream.el9"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f_amd64",
"product": {
"name": "openshift4/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f_amd64",
"product_id": "openshift4/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-kube-proxy\u0026tag=v4.12.0-202505221559.p0.g5fe565c.assembly.stream.el8"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489_amd64",
"product": {
"name": "openshift4/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489_amd64",
"product_id": "openshift4/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.12.0-202505221659.p0.gb1a1975.assembly.stream.el8"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e_amd64",
"product": {
"name": "openshift4/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e_amd64",
"product_id": "openshift4/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.12.0-202505221659.p0.g371c936.assembly.stream.el8"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe_amd64",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe_amd64",
"product_id": "openshift4/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-installer-rhel8\u0026tag=v4.12.0-202505062034.p0.g5c54d04.assembly.stream.el8"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1_amd64",
"product": {
"name": "openshift4/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1_amd64",
"product_id": "openshift4/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-installer-artifacts\u0026tag=v4.12.0-202505062034.p0.g5c54d04.assembly.stream.el8"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333_amd64",
"product": {
"name": "openshift4/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333_amd64",
"product_id": "openshift4/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.12.0-202505062034.p0.g5c54d04.assembly.stream.el8"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b_amd64",
"product": {
"name": "openshift4/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b_amd64",
"product_id": "openshift4/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-os-images-rhel8\u0026tag=v4.12.0-202505062034.p0.g1964124.assembly.stream.el8"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e_amd64",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e_amd64",
"product_id": "openshift4/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.12.0-202505290500.p0.gc76613c.assembly.stream.el8"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0_amd64",
"product": {
"name": "openshift4/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0_amd64",
"product_id": "openshift4/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sdn-rhel8\u0026tag=v4.12.0-202505221559.p0.g5fe565c.assembly.stream.el8"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92_amd64",
"product": {
"name": "openshift4/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92_amd64",
"product_id": "openshift4/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes\u0026tag=v4.12.0-202505290500.p0.g9197561.assembly.stream.el8"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347_amd64",
"product": {
"name": "openshift4/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347_amd64",
"product_id": "openshift4/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-tools-rhel8\u0026tag=v4.12.0-202505221659.p0.gd691257.assembly.stream.el8"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe_amd64",
"product": {
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe_amd64",
"product_id": "openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes-microshift-rhel8\u0026tag=v4.12.0-202505290500.p0.g9197561.assembly.stream.el8"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3_x86_64",
"product": {
"name": "rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3_x86_64",
"product_id": "rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3_x86_64",
"product_identification_helper": {
"purl": "pkg:oci/rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3?arch=x86_64\u0026repository_url=registry.redhat.io/rhcos\u0026tag=412.86.202505281830-0"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996_amd64"
},
"product_reference": "openshift4/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e_amd64"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe_amd64"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d_amd64"
},
"product_reference": "openshift4/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca_amd64"
},
"product_reference": "openshift4/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489_amd64"
},
"product_reference": "openshift4/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1_amd64"
},
"product_reference": "openshift4/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333_amd64"
},
"product_reference": "openshift4/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f_amd64"
},
"product_reference": "openshift4/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b_amd64"
},
"product_reference": "openshift4/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe_amd64"
},
"product_reference": "openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92_amd64"
},
"product_reference": "openshift4/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0_amd64"
},
"product_reference": "openshift4/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e_amd64"
},
"product_reference": "openshift4/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:openshift4/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347_amd64"
},
"product_reference": "openshift4/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3_x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3_x86_64"
},
"product_reference": "rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3_x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift4/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f_amd64"
},
"product_reference": "openshift4/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843_amd64"
},
"product_reference": "openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift4/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760_amd64"
},
"product_reference": "openshift4/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de_amd64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de_amd64"
},
"product_reference": "openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de_amd64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-55549",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-03-14T02:00:39.884650+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.12:openshift4/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996_amd64",
"8Base-RHOSE-4.12:openshift4/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca_amd64",
"8Base-RHOSE-4.12:openshift4/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333_amd64",
"8Base-RHOSE-4.12:openshift4/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f_amd64",
"8Base-RHOSE-4.12:openshift4/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92_amd64",
"8Base-RHOSE-4.12:openshift4/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2352484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxslt. This vulnerability allows an attacker to trigger a use-after-free issue by excluding result prefixes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This use-after-free vulnerability in libxslt marked as Important rather than a Moderate flaw, due to its potential to enable arbitrary code execution or cause denial-of-service conditions. The vulnerability arises from mishandled memory in the exclPrefixTab table, which references freed namespace URLs during stylesheet processing. When an included stylesheet has xsl:text as the root and is deleted, the associated namespace URLs remain referenced in exclPrefixTab despite being freed, leading to a classic use-after-free condition. Since libxslt is a core XML transformation library frequently used in complex server-side applications (e.g., web frameworks, document rendering), an attacker can craft malicious XSLT stylesheets to exploit this flaw, potentially gaining remote code execution within the application\u0027s process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3_x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.12:openshift4/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996_amd64",
"8Base-RHOSE-4.12:openshift4/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca_amd64",
"8Base-RHOSE-4.12:openshift4/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333_amd64",
"8Base-RHOSE-4.12:openshift4/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f_amd64",
"8Base-RHOSE-4.12:openshift4/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92_amd64",
"8Base-RHOSE-4.12:openshift4/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-55549"
},
{
"category": "external",
"summary": "RHBZ#2352484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2352484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-55549",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55549"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/127",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/127"
}
],
"release_date": "2025-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-05T09:36:03+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\n https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for the x86_64 architecture. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:753e18b761de2e56bdf29b56665c33624f1c27d7cfa0b6b5c081bcc3b035c864\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"8Base-RHOSE-4.12:rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3_x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8303"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-4.12:openshift4/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996_amd64",
"8Base-RHOSE-4.12:openshift4/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca_amd64",
"8Base-RHOSE-4.12:openshift4/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333_amd64",
"8Base-RHOSE-4.12:openshift4/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f_amd64",
"8Base-RHOSE-4.12:openshift4/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92_amd64",
"8Base-RHOSE-4.12:openshift4/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347_amd64",
"8Base-RHOSE-4.12:rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3_x86_64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:openshift4/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996_amd64",
"8Base-RHOSE-4.12:openshift4/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca_amd64",
"8Base-RHOSE-4.12:openshift4/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333_amd64",
"8Base-RHOSE-4.12:openshift4/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f_amd64",
"8Base-RHOSE-4.12:openshift4/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92_amd64",
"8Base-RHOSE-4.12:openshift4/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347_amd64",
"8Base-RHOSE-4.12:rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3_x86_64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)"
},
{
"cve": "CVE-2025-24855",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-03-14T02:00:37.507344+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.12:openshift4/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996_amd64",
"8Base-RHOSE-4.12:openshift4/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca_amd64",
"8Base-RHOSE-4.12:openshift4/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333_amd64",
"8Base-RHOSE-4.12:openshift4/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f_amd64",
"8Base-RHOSE-4.12:openshift4/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92_amd64",
"8Base-RHOSE-4.12:openshift4/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2352483"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxslt numbers.c. This vulnerability allows a use-after-free, potentially leading to memory corruption or code execution via nested XPath evaluations where an XPath context node can be modified but not restored.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: Use-After-Free in libxslt numbers.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The use-after-free vulnerability in libxslt marked as a high severity rather than moderate due to its potential impact on system integrity and availability. This flaw arises during nested XPath evaluations where the context node can be modified without proper restoration, leading to use-after-free conditions. Exploitation of this vulnerability allows an attacker to execute arbitrary code, potentially causing significant disruptions or unauthorized actions within the affected system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3_x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.12:openshift4/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996_amd64",
"8Base-RHOSE-4.12:openshift4/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca_amd64",
"8Base-RHOSE-4.12:openshift4/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333_amd64",
"8Base-RHOSE-4.12:openshift4/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f_amd64",
"8Base-RHOSE-4.12:openshift4/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92_amd64",
"8Base-RHOSE-4.12:openshift4/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-24855"
},
{
"category": "external",
"summary": "RHBZ#2352483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2352483"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-24855",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24855"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/128",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/128"
}
],
"release_date": "2025-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-06-05T09:36:03+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\n https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes\n\nYou may download the oc tool and use it to inspect release image metadata for the x86_64 architecture. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.\n\n The sha values for the release are as follows:\n\n (For x86_64 architecture)\n The image digest is sha256:753e18b761de2e56bdf29b56665c33624f1c27d7cfa0b6b5c081bcc3b035c864\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"product_ids": [
"8Base-RHOSE-4.12:rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3_x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8303"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-4.12:openshift4/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996_amd64",
"8Base-RHOSE-4.12:openshift4/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca_amd64",
"8Base-RHOSE-4.12:openshift4/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333_amd64",
"8Base-RHOSE-4.12:openshift4/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f_amd64",
"8Base-RHOSE-4.12:openshift4/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92_amd64",
"8Base-RHOSE-4.12:openshift4/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347_amd64",
"8Base-RHOSE-4.12:rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3_x86_64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:openshift4/driver-toolkit-rhel8@sha256:6f0dec874dd4abda1ff4eab3336ccc72d78e41c2fb1e919b96dced519272e996_amd64",
"8Base-RHOSE-4.12:openshift4/network-tools-rhel8@sha256:b4fc6451642fb3f21604817013a537451906e990cf04e24c4b31546dfdc2fc2e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-baremetal-installer-rhel8@sha256:1672893d4abfb034bc74af391f9ad7c5ae3f2fdb3b8c83321a83e68d5b8ac4fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-etcd-rhel8-operator@sha256:097664cd76b162cfe18c895ecae749593f5763b541d419c7eebe801d6dbf3f4d_amd64",
"8Base-RHOSE-4.12:openshift4/ose-cluster-node-tuning-operator@sha256:f48136a8d322099c1956f7ba4bd0b1fbb1be7cdca0cd58a2bc02d1fcb422b2ca_amd64",
"8Base-RHOSE-4.12:openshift4/ose-console@sha256:ec52e0c5a4b519f7c466bbeff01f6e167a3a26059db029ffb1d1c645da163489_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer-artifacts@sha256:63ba9382d7b4ded26a897b6fcf47aec2d95f1c9b648bc77a20cf936f3bb0bca1_amd64",
"8Base-RHOSE-4.12:openshift4/ose-installer@sha256:cdf6e9dd2df2e4f9c8b59d16b42a14fba7d0b17f05755afb5a777be9ad65f333_amd64",
"8Base-RHOSE-4.12:openshift4/ose-kube-proxy@sha256:bc52d69b411a923fd7440568c82328be6a20698edda9cc2307c13eb5fab6d67f_amd64",
"8Base-RHOSE-4.12:openshift4/ose-machine-os-images-rhel8@sha256:997ba648c2936a22882a7ef2dd3ca4ff73fd01023854c58bd5fc4b1a0f2bea2b_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes-microshift-rhel8@sha256:e0e255e1e71f11b48aaa8c91477f93caf7fdd5fe40647466fea50bb27b93c1fe_amd64",
"8Base-RHOSE-4.12:openshift4/ose-ovn-kubernetes@sha256:70c6e4595e21f9469ba506af7ef41c7c24ef8bad32f0dc32ed314dc2387efd92_amd64",
"8Base-RHOSE-4.12:openshift4/ose-sdn-rhel8@sha256:0461d14b98d8a81ca0c7d26363b09809b60ca4fecf64bd1bebfdf7e56db8d5a0_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tests@sha256:878a11e8055aa6bcd13fa9e7b4dcd93d0ae82b3d64bfb305ce2fc9716d31c88e_amd64",
"8Base-RHOSE-4.12:openshift4/ose-tools-rhel8@sha256:ff98a2dd4d908ff6c10acc20b552aece31027170a78eaf241d30d6548a52f347_amd64",
"8Base-RHOSE-4.12:rhcos@sha256:14dca167b3c2951243d6b930d3887d1797cbb3028d9d70adde35ab2276cbebc3_x86_64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-agent-rhel9@sha256:3115a088cf3e757ae94a0e7488e98523addf6e1a0eba5b8b9de5e12a0aed539f_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:d3860121b363e8b5155d4b950c81a6e38497ded9ce0bed1af53ebd65dee25843_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-rhel9@sha256:8edeebfc2c86828d6341f1d4dc64c9bca0762e7bf86e6048511f04bf8708f760_amd64",
"9Base-RHOSE-4.12:openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6a12f8ca7077766f5547cb3dbd094840fc4bcf89cdcbf9b59e9840e8cba361de_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxslt: Use-After-Free in libxslt numbers.c"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…