Red Hat OpenShift Container Platform (protobufjs, fast-uri): Mehrere Schwachstellen
Red Hat OpenShift Container Platform 4.22.3 includes security updates addressing multiple vulnerabilities, including a URI authority bypass in the fast-uri package (CVE-2026-6322). This update fixes bugs and enhances security for on-premise or private cloud Kubernetes deployments. Users of OpenShift Container Platform 4.22 are advised to upgrade to version 4.22.3 to apply these important security fixes.
AI Analysis
Technical Summary
Red Hat OpenShift Container Platform 4.22.3 addresses several security issues, notably a URI authority bypass vulnerability in the fast-uri package (CVE-2026-6322) caused by improper delimiter handling. The update includes RPM packages and container images that fix these vulnerabilities and other bugs. The vendor rates the security impact as Important. The advisory provides instructions for upgrading clusters using the OpenShift CLI or web console. This release is intended for on-premise or private cloud deployments of OpenShift Container Platform 4.22.
Potential Impact
The vulnerabilities fixed in this update, including CVE-2026-6322, could allow bypassing URI authority checks, potentially affecting the security of applications relying on URI parsing within OpenShift Container Platform. The overall security impact is rated Important by Red Hat Product Security, indicating a significant but not critical risk. No known exploits are reported in the wild at this time.
Mitigation Recommendations
Red Hat has released OpenShift Container Platform 4.22.3 containing fixes for these vulnerabilities. Users should upgrade to this version using the OpenShift CLI (oc) or web console following the official upgrade documentation. The vendor manages remediation for this on-premise/private cloud platform through these updates. Patch status is confirmed as available. No additional mitigation steps beyond applying the update are indicated.
Red Hat OpenShift Container Platform (protobufjs, fast-uri): Mehrere Schwachstellen
Description
Red Hat OpenShift Container Platform 4.22.3 includes security updates addressing multiple vulnerabilities, including a URI authority bypass in the fast-uri package (CVE-2026-6322). This update fixes bugs and enhances security for on-premise or private cloud Kubernetes deployments. Users of OpenShift Container Platform 4.22 are advised to upgrade to version 4.22.3 to apply these important security fixes.
Affected software
pkg:rpm/redhat/openshift-container-platformRun on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Red Hat OpenShift Container Platform 4.22.3 addresses several security issues, notably a URI authority bypass vulnerability in the fast-uri package (CVE-2026-6322) caused by improper delimiter handling. The update includes RPM packages and container images that fix these vulnerabilities and other bugs. The vendor rates the security impact as Important. The advisory provides instructions for upgrading clusters using the OpenShift CLI or web console. This release is intended for on-premise or private cloud deployments of OpenShift Container Platform 4.22.
Potential Impact
The vulnerabilities fixed in this update, including CVE-2026-6322, could allow bypassing URI authority checks, potentially affecting the security of applications relying on URI parsing within OpenShift Container Platform. The overall security impact is rated Important by Red Hat Product Security, indicating a significant but not critical risk. No known exploits are reported in the wild at this time.
Mitigation Recommendations
Red Hat has released OpenShift Container Platform 4.22.3 containing fixes for these vulnerabilities. Users should upgrade to this version using the OpenShift CLI (oc) or web console following the official upgrade documentation. The vendor manages remediation for this on-premise/private cloud platform through these updates. Patch status is confirmed as available. No additional mitigation steps beyond applying the update are indicated.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_base
- Csaf Version
- 2.0
- Publisher
- Bundesamt für Sicherheit in der Informationstechnik
- Advisory Id
- WID-SEC-W-2026-2142
- Cve Count
- 2
- Additional Cves
- ["CVE-2026-6322"]
- Cvss Version
- null
Threat ID: 6a46ed1627e9c7971944738a
Added to database: 07/02/2026, 22:58:30 UTC
Last enriched: 07/02/2026, 23:36:49 UTC
Last updated: 07/02/2026, 23:36:49 UTC
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.