Red Hat Security Advisory: Red Hat OpenShift GitOps v1.16.4 security update
An update is now available for Red Hat OpenShift GitOps. Bug Fix(es) and Enhancement(s): * GITOPS-6703 (After Upgrade to v.1.16 not able to add --metrics-application-labels in spec.controller.extraCommandArgs with multiple values) * GITOPS-7180 (Redis HA Proxy pod fails to start with Security Context error) * GITOPS-7461 (Redis container fails with "runAsNonRoot and image will run as root" after upgrade to argocd-operator 0.14.1)
AI Analysis
Technical Summary
This security advisory from Red Hat addresses multiple vulnerabilities and bugs in Red Hat OpenShift GitOps 1.16.4. The update resolves issues including GITOPS-6703 (problems adding multiple --metrics-application-labels), GITOPS-7180 (Redis HA Proxy pod startup failure due to security context errors), and GITOPS-7461 (Redis container failing due to runAsNonRoot conflicts after upgrading argocd-operator). The advisory references six CVEs (CVE-2025-22874, CVE-2025-47907, CVE-2025-55191, CVE-2025-59531, CVE-2025-59537, CVE-2025-59538) and multiple CWEs related to security and concurrency issues. The vendor has released a fixed version (v1.16.4) and recommends applying this update after prior errata. No cloud service is involved, and no known exploits have been reported.
Potential Impact
The vulnerabilities and bugs fixed in this update could cause failures in critical components of Red Hat OpenShift GitOps, such as Redis HA Proxy pods and Redis containers, potentially impacting the availability and security context enforcement of the system. The issues include security context errors and configuration problems that could prevent proper operation of GitOps components. The advisory rates the severity as high but does not report any active exploitation in the wild.
Mitigation Recommendations
A fixed version of Red Hat OpenShift GitOps (v1.16.4) is available and should be applied. Red Hat advises ensuring all previously released errata relevant to the system are applied before updating. No additional mitigation steps are indicated beyond applying this official update. There are no indications that the issues are already mitigated or require no action.
Red Hat Security Advisory: Red Hat OpenShift GitOps v1.16.4 security update
Description
An update is now available for Red Hat OpenShift GitOps. Bug Fix(es) and Enhancement(s): * GITOPS-6703 (After Upgrade to v.1.16 not able to add --metrics-application-labels in spec.controller.extraCommandArgs with multiple values) * GITOPS-7180 (Redis HA Proxy pod fails to start with Security Context error) * GITOPS-7461 (Redis container fails with "runAsNonRoot and image will run as root" after upgrade to argocd-operator 0.14.1)
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This security advisory from Red Hat addresses multiple vulnerabilities and bugs in Red Hat OpenShift GitOps 1.16.4. The update resolves issues including GITOPS-6703 (problems adding multiple --metrics-application-labels), GITOPS-7180 (Redis HA Proxy pod startup failure due to security context errors), and GITOPS-7461 (Redis container failing due to runAsNonRoot conflicts after upgrading argocd-operator). The advisory references six CVEs (CVE-2025-22874, CVE-2025-47907, CVE-2025-55191, CVE-2025-59531, CVE-2025-59537, CVE-2025-59538) and multiple CWEs related to security and concurrency issues. The vendor has released a fixed version (v1.16.4) and recommends applying this update after prior errata. No cloud service is involved, and no known exploits have been reported.
Potential Impact
The vulnerabilities and bugs fixed in this update could cause failures in critical components of Red Hat OpenShift GitOps, such as Redis HA Proxy pods and Redis containers, potentially impacting the availability and security context enforcement of the system. The issues include security context errors and configuration problems that could prevent proper operation of GitOps components. The advisory rates the severity as high but does not report any active exploitation in the wild.
Mitigation Recommendations
A fixed version of Red Hat OpenShift GitOps (v1.16.4) is available and should be applied. Red Hat advises ensuring all previously released errata relevant to the system are applied before updating. No additional mitigation steps are indicated beyond applying this official update. There are no indications that the issues are already mitigated or require no action.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:17730
- Cve Count
- 6
- Additional Cves
- ["CVE-2025-47907","CVE-2025-55191","CVE-2025-59531","CVE-2025-59537","CVE-2025-59538"]
- Cvss Version
- null
Threat ID: 6a19febee29bf47b500fdabe
Added to database: 5/29/2026, 9:01:50 PM
Last enriched: 5/29/2026, 9:07:46 PM
Last updated: 5/31/2026, 4:56:58 AM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.