This security advisory from Red Hat addresses multiple vulnerabilities in the Red Hat Offline Knowledge Portal by upgrading Solr from version 9.8.1 to 10.0.0 and mitigating issues including CVE-2025-11143 and CVE-2026-2332 related to jetty-http. The update fixes a total of seven CVEs and includes security and content updates. The vendor provides a container image with these fixes, which can be pulled from the Red Hat container registry. The advisory does not provide a CVSS score but classifies the severity as high. There are no known exploits in the wild. The vulnerabilities involve several CWE categories such as CWE-444 (inconsistent security policy), CWE-295 (improper certificate validation), CWE-93 (improper neutralization of CRLF sequences), CWE-91 (XML injection), CWE-168 (exposure of sensitive information), and CWE-241 (improper handling of authentication).

The vulnerabilities fixed in this update could potentially allow attackers to exploit weaknesses in the Red Hat Offline Knowledge Portal's underlying components, such as jetty-http and Solr, which may lead to security policy inconsistencies, improper certificate validation, injection attacks, or exposure of sensitive information. However, there are no known exploits in the wild at this time. The update improves the security and stability of the portal by addressing these issues.

A fix is available through the updated container image provided by Red Hat, which upgrades Solr to version 10.0.0 and mitigates the identified CVEs including CVE-2025-11143 and CVE-2026-2332. Users should download and deploy the updated container image from the Red Hat container registry using the "podman pull" command as specified in the advisory. No additional mitigation steps are indicated by the vendor advisory.