Red Hat Security Advisory: OpenShift Container Platform 4.17.35 packages and security update
Red Hat OpenShift Container Platform 4.17.35 includes security updates addressing two vulnerabilities: CVE-2025-6032, a missing TLS verification issue in podman, and CVE-2025-22871, a request smuggling vulnerability in net/http due to acceptance of invalid chunked data. These issues affect on-premise or private cloud deployments of OpenShift Container Platform 4.17. Users are advised to upgrade to the updated packages and container images provided by Red Hat to mitigate these vulnerabilities.
AI Analysis
Technical Summary
This advisory covers security fixes in Red Hat OpenShift Container Platform 4.17.35 for two vulnerabilities. CVE-2025-6032 involves podman missing TLS verification, potentially impacting secure communications. CVE-2025-22871 is a request smuggling vulnerability in the net/http package caused by acceptance of invalid chunked data. The update includes RPM packages and container images to address these issues. Red Hat rates the update as Important and recommends upgrading using the OpenShift CLI or web console. Detailed upgrade instructions are provided in Red Hat's documentation.
Potential Impact
The vulnerabilities could allow attackers to bypass TLS verification in podman or exploit request smuggling in net/http, potentially leading to security breaches in OpenShift Container Platform deployments. The advisory rates the security impact as Important (high severity). No known exploits in the wild have been reported at this time.
Mitigation Recommendations
Red Hat has released updated packages and container images in OpenShift Container Platform 4.17.35 that fix these vulnerabilities. Users should upgrade to these updated packages and images as soon as they are available in the appropriate release channel. Upgrades can be performed using the OpenShift CLI (oc) or web console following Red Hat's documented procedures. Patch status is confirmed as available and official fixes are provided.
Technical Details
- GCVE Source: db.gcve.eu
- CSAF Category: csaf_security_advisory
- CSAF Version: 2.0
- Publisher: Red Hat Product Security
- Advisory ID: RHSA-2025:10295
- CVE Count: 2
- Additional CVEs: ["CVE-2025-22871"]
- CVSS Version: null
Threat ID: 6a18be67e29bf47b503872c6
Added to database: 5/28/2026, 10:15:03 PM
Last enriched: 5/28/2026, 10:20:50 PM
Last updated: 5/29/2026, 7:34:10 AM