The RHEL-8 based Middleware Containers container images have been updated to incorporate patches from Red Hat Security Advisory RHSA-2025:11534, addressing multiple security vulnerabilities primarily in Git and related tools. Notable fixes include CVE-2025-48384 (Git arbitrary code execution), CVE-2025-48385 (Git arbitrary file writes), and other credential-related vulnerabilities (CVE-2024-50349, CVE-2024-52006). These vulnerabilities could allow unauthorized code execution, file manipulation, or credential leakage if exploited. The updated container images are available in the Red Hat Container Registry, and users are encouraged to upgrade and rebuild dependent images. The advisory applies to Red Hat OpenShift Container Platform 4.10 to 4.12 on RHEL 8 x86_64 architectures. The vendor has provided official fixes and detailed remediation instructions.

The vulnerabilities fixed by this advisory include arbitrary code execution and arbitrary file write flaws in Git, which could allow an attacker to execute malicious code or overwrite files with user write permissions. Additional issues involve credential exfiltration due to improper sanitization of URLs and newline confusion in credential helpers. These issues pose a high security risk to systems using affected container images, potentially compromising confidentiality, integrity, and availability of the affected environments. No known exploits in the wild have been reported so far.

Red Hat has released updated RHEL-8 based Middleware Containers container images that include backported patches for the identified vulnerabilities. Users should upgrade to these updated images available from the Red Hat Container Registry and rebuild all container images that depend on them. Dockerfiles and scripts should be updated to reference the new or latest images. Following the vendor's official update and rebuild instructions fully mitigates the vulnerabilities addressed by this advisory.