Red Hat Security Advisory: OpenShift Container Platform 4.19.10 bug fix and security update
Red Hat OpenShift Container Platform 4. 19. 10 includes important security updates addressing three vulnerabilities: a heap use-after-free in libxslt (CVE-2025-7425) and two out-of-bounds read issues in libxml2 (CVE-2025-32414 and CVE-2025-32415). These vulnerabilities affect the XML processing libraries used within the platform. Red Hat has released updated container images and packages to fix these issues. Users of OpenShift Container Platform 4. 19 are advised to upgrade to the updated release to mitigate these vulnerabilities. Instructions for upgrading are available via the OpenShift CLI or web console. The advisory rates the security impact as Important (high severity). No known exploits in the wild have been reported at this time.
AI Analysis
Technical Summary
This advisory covers security fixes in Red Hat OpenShift Container Platform 4.19.10 for three vulnerabilities: CVE-2025-7425, a heap use-after-free in libxslt caused by atype corruption in xmlAttrPtr; CVE-2025-32414, an out-of-bounds read in libxml2; and CVE-2025-32415, another out-of-bounds read in the xmlSchemaIDCFillNodeTables function of libxml2. These vulnerabilities relate to memory safety issues in XML processing libraries embedded in the platform. The update provides patched container images and RPM packages to address these flaws. Red Hat classifies the update as having an Important security impact and recommends all OpenShift Container Platform 4.19 users apply the update promptly. Detailed upgrade instructions and image digests are provided by Red Hat. No CVSS scores are provided in the advisory, and no active exploitation has been reported.
Potential Impact
The vulnerabilities involve memory corruption and out-of-bounds reads in critical XML processing libraries (libxslt and libxml2) used by OpenShift Container Platform. Such issues can potentially lead to application crashes or other undefined behavior. The advisory does not specify exploitation details or confirmed impact beyond the memory safety flaws. No known exploits in the wild have been reported. The security impact is rated as Important by Red Hat, indicating a high severity level that warrants timely remediation.
Mitigation Recommendations
Red Hat has released updated container images and RPM packages for OpenShift Container Platform 4.19.10 that fix these vulnerabilities. All users of OpenShift Container Platform 4.19 are strongly advised to upgrade to these updated packages and images as soon as they become available in the appropriate release channels. Upgrades can be performed using the OpenShift CLI (oc) or the web console. Detailed upgrade instructions are available at Red Hat's official documentation. Since this is an on-premise/private cloud deployment product, remediation is managed by the user applying the update. There is no indication that no action is required or that the issue is already mitigated without patching.
Red Hat Security Advisory: OpenShift Container Platform 4.19.10 bug fix and security update
Description
Red Hat OpenShift Container Platform 4. 19. 10 includes important security updates addressing three vulnerabilities: a heap use-after-free in libxslt (CVE-2025-7425) and two out-of-bounds read issues in libxml2 (CVE-2025-32414 and CVE-2025-32415). These vulnerabilities affect the XML processing libraries used within the platform. Red Hat has released updated container images and packages to fix these issues. Users of OpenShift Container Platform 4. 19 are advised to upgrade to the updated release to mitigate these vulnerabilities. Instructions for upgrading are available via the OpenShift CLI or web console. The advisory rates the security impact as Important (high severity). No known exploits in the wild have been reported at this time.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory covers security fixes in Red Hat OpenShift Container Platform 4.19.10 for three vulnerabilities: CVE-2025-7425, a heap use-after-free in libxslt caused by atype corruption in xmlAttrPtr; CVE-2025-32414, an out-of-bounds read in libxml2; and CVE-2025-32415, another out-of-bounds read in the xmlSchemaIDCFillNodeTables function of libxml2. These vulnerabilities relate to memory safety issues in XML processing libraries embedded in the platform. The update provides patched container images and RPM packages to address these flaws. Red Hat classifies the update as having an Important security impact and recommends all OpenShift Container Platform 4.19 users apply the update promptly. Detailed upgrade instructions and image digests are provided by Red Hat. No CVSS scores are provided in the advisory, and no active exploitation has been reported.
Potential Impact
The vulnerabilities involve memory corruption and out-of-bounds reads in critical XML processing libraries (libxslt and libxml2) used by OpenShift Container Platform. Such issues can potentially lead to application crashes or other undefined behavior. The advisory does not specify exploitation details or confirmed impact beyond the memory safety flaws. No known exploits in the wild have been reported. The security impact is rated as Important by Red Hat, indicating a high severity level that warrants timely remediation.
Mitigation Recommendations
Red Hat has released updated container images and RPM packages for OpenShift Container Platform 4.19.10 that fix these vulnerabilities. All users of OpenShift Container Platform 4.19 are strongly advised to upgrade to these updated packages and images as soon as they become available in the appropriate release channels. Upgrades can be performed using the OpenShift CLI (oc) or the web console. Detailed upgrade instructions are available at Red Hat's official documentation. Since this is an on-premise/private cloud deployment product, remediation is managed by the user applying the update. There is no indication that no action is required or that the issue is already mitigated without patching.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:14819
- Cve Count
- 3
- Additional Cves
- ["CVE-2025-32414","CVE-2025-32415"]
- Cvss Version
- null
Threat ID: 6a1f4e88e29bf47b50081ba1
Added to database: 6/2/2026, 9:43:36 PM
Last enriched: 6/2/2026, 10:12:37 PM
Last updated: 6/3/2026, 4:58:49 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.