Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.1 security update
Red Hat OpenShift GitOps versions prior to v1. 19. 1 contain security vulnerabilities including CVE-2025-55190 and CVE-2025-58183. These issues involve unbounded memory allocation when parsing GNU sparse maps and other bugs affecting components such as argocd-rhel8 and dex-rhel8. Red Hat has released an important security update in version 1. 19. 1 addressing these vulnerabilities along with several bug fixes and enhancements. No known exploits are reported in the wild at this time. Users are advised to apply the update after ensuring all prior errata are installed.
AI Analysis
Technical Summary
This advisory covers security vulnerabilities in Red Hat OpenShift GitOps, specifically CVE-2025-55190 and CVE-2025-58183. The vulnerabilities include unbounded allocation during parsing of GNU sparse maps in argocd-rhel8 and dex-rhel8 components, which could lead to resource exhaustion. The update to version 1.19.1 includes fixes for these issues along with other bug fixes such as preventing automatic repository refresh in Argo CD and resolving issues with haproxy replicas during HA upgrades. The advisory references Red Hat Product Security errata RHSA-2026:1488 as the authoritative source for remediation.
Potential Impact
The vulnerabilities could allow an attacker to cause unbounded memory allocation, potentially leading to denial of service conditions in affected components of Red Hat OpenShift GitOps. The severity is rated high by Red Hat. There are no reports of active exploitation in the wild. The impact is primarily on resource consumption and stability of the affected GitOps components.
Mitigation Recommendations
Red Hat has released OpenShift GitOps version 1.19.1 which addresses the identified vulnerabilities. Users should apply this update after confirming that all previously released errata relevant to their systems have been installed. Detailed update instructions are available in the Red Hat advisory RHSA-2026:1488. No additional mitigation steps are indicated by the vendor advisory.
Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.1 security update
Description
Red Hat OpenShift GitOps versions prior to v1. 19. 1 contain security vulnerabilities including CVE-2025-55190 and CVE-2025-58183. These issues involve unbounded memory allocation when parsing GNU sparse maps and other bugs affecting components such as argocd-rhel8 and dex-rhel8. Red Hat has released an important security update in version 1. 19. 1 addressing these vulnerabilities along with several bug fixes and enhancements. No known exploits are reported in the wild at this time. Users are advised to apply the update after ensuring all prior errata are installed.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory covers security vulnerabilities in Red Hat OpenShift GitOps, specifically CVE-2025-55190 and CVE-2025-58183. The vulnerabilities include unbounded allocation during parsing of GNU sparse maps in argocd-rhel8 and dex-rhel8 components, which could lead to resource exhaustion. The update to version 1.19.1 includes fixes for these issues along with other bug fixes such as preventing automatic repository refresh in Argo CD and resolving issues with haproxy replicas during HA upgrades. The advisory references Red Hat Product Security errata RHSA-2026:1488 as the authoritative source for remediation.
Potential Impact
The vulnerabilities could allow an attacker to cause unbounded memory allocation, potentially leading to denial of service conditions in affected components of Red Hat OpenShift GitOps. The severity is rated high by Red Hat. There are no reports of active exploitation in the wild. The impact is primarily on resource consumption and stability of the affected GitOps components.
Mitigation Recommendations
Red Hat has released OpenShift GitOps version 1.19.1 which addresses the identified vulnerabilities. Users should apply this update after confirming that all previously released errata relevant to their systems have been installed. Detailed update instructions are available in the Red Hat advisory RHSA-2026:1488. No additional mitigation steps are indicated by the vendor advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:1488
- Cve Count
- 2
- Additional Cves
- ["CVE-2025-58183"]
- Cvss Version
- null
Threat ID: 6a16096fe29bf47b506375d6
Added to database: 5/26/2026, 8:58:23 PM
Last enriched: 5/27/2026, 12:51:58 AM
Last updated: 5/27/2026, 4:50:40 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.