Red Hat Security Advisory: OpenShift Container Platform 4.20.16 packages and security update
Red Hat OpenShift Container Platform 4. 20. 16 includes a security update addressing CVE-2025-61728, a vulnerability in the golang archive/zip package that causes excessive CPU consumption when building the archive index. This issue is rated as moderate severity by Red Hat Product Security. The update is available as RPM packages and container images for OpenShift Container Platform 4. 20. Users are advised to upgrade to the updated packages and images via the OpenShift CLI or web console following official upgrade instructions.
AI Analysis
Technical Summary
This advisory covers a moderate severity vulnerability (CVE-2025-61728) in the golang archive/zip package used by Red Hat OpenShift Container Platform 4.20. The vulnerability causes excessive CPU consumption during the building of the archive index in archive/zip. Red Hat has released updated RPM packages and container images as part of OpenShift Container Platform 4.20.16 to address this issue. The advisory recommends upgrading to these updated packages and images when available through the appropriate release channels. Detailed upgrade instructions are provided by Red Hat documentation.
Potential Impact
The vulnerability leads to excessive CPU consumption, which can degrade system performance or availability in environments running affected versions of OpenShift Container Platform 4.20. No known exploits in the wild have been reported. The impact is rated as moderate by Red Hat Product Security.
Mitigation Recommendations
Red Hat has released updated RPM packages and container images in OpenShift Container Platform 4.20.16 that fix this vulnerability. Users should upgrade to these updated packages and images as soon as they are available via the OpenShift CLI or web console. Official upgrade instructions are provided by Red Hat and should be followed to fully apply the update. Patch status is confirmed by the vendor advisory.
Red Hat Security Advisory: OpenShift Container Platform 4.20.16 packages and security update
Description
Red Hat OpenShift Container Platform 4. 20. 16 includes a security update addressing CVE-2025-61728, a vulnerability in the golang archive/zip package that causes excessive CPU consumption when building the archive index. This issue is rated as moderate severity by Red Hat Product Security. The update is available as RPM packages and container images for OpenShift Container Platform 4. 20. Users are advised to upgrade to the updated packages and images via the OpenShift CLI or web console following official upgrade instructions.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory covers a moderate severity vulnerability (CVE-2025-61728) in the golang archive/zip package used by Red Hat OpenShift Container Platform 4.20. The vulnerability causes excessive CPU consumption during the building of the archive index in archive/zip. Red Hat has released updated RPM packages and container images as part of OpenShift Container Platform 4.20.16 to address this issue. The advisory recommends upgrading to these updated packages and images when available through the appropriate release channels. Detailed upgrade instructions are provided by Red Hat documentation.
Potential Impact
The vulnerability leads to excessive CPU consumption, which can degrade system performance or availability in environments running affected versions of OpenShift Container Platform 4.20. No known exploits in the wild have been reported. The impact is rated as moderate by Red Hat Product Security.
Mitigation Recommendations
Red Hat has released updated RPM packages and container images in OpenShift Container Platform 4.20.16 that fix this vulnerability. Users should upgrade to these updated packages and images as soon as they are available via the OpenShift CLI or web console. Official upgrade instructions are provided by Red Hat and should be followed to fully apply the update. Patch status is confirmed by the vendor advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:3851
- Cve Count
- 1
- Additional Cves
- []
- Cvss Version
- null
Threat ID: 6a160976e29bf47b50641fe5
Added to database: 5/26/2026, 8:58:30 PM
Last enriched: 5/26/2026, 10:12:50 PM
Last updated: 5/27/2026, 4:58:45 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.