Threats Tagged 'cve-2025-29781'

Red Hat OpenShift Container Platform 4. 19. 0 includes multiple security fixes addressing vulnerabilities in various Golang libraries and the Bare Metal Operator. These issues range from authorization bypass, denial of service, to secret exposure across namespaces. Users of OpenShift Container Platform 4. 19 are advised to upgrade to the updated packages and container images as soon as they are available through official release channels.

Red Hat OpenShift Container Platform 4. 16. 39 includes security updates addressing two vulnerabilities: CVE-2025-29781 and CVE-2025-30204. CVE-2025-29781 affects the Bare Metal Operator (BMO), allowing exposure of secrets from other namespaces via the BMCEventSubscription Custom Resource Definition (CRD). CVE-2025-30204 involves the golang-jwt/jwt library, where jwt-go permits excessive memory allocation during header parsing. Red Hat has released updated container images and packages to fix these issues and advises all OpenShift Container Platform 4. 16 users to upgrade accordingly. Instructions for upgrading are available via the OpenShift CLI or web console. The vendor rates the security impact as Important (high severity). No known exploits in the wild have been reported at this time.

Red Hat OpenShift Container Platform 4. 14. 51 includes important security updates addressing multiple vulnerabilities. These include excessive memory allocation during JWT header parsing, a panic caused by missing YAML content in Helm, out-of-bounds reads in the ALSA USB audio kernel driver, and secret exposure via the Bare Metal Operator's BMCEventSubscription CRD. Users of OpenShift Container Platform 4. 14 are advised to upgrade to this release to mitigate these issues. Detailed upgrade instructions and updated container images are provided by Red Hat. No known exploits in the wild have been reported at this time.