Threats Tagged 'cve-2025-58754'

Red Hat Advanced Cluster Management for Kubernetes version 2. 13. 5 includes a security update addressing multiple vulnerabilities identified by CVE-2025-7195 and related CVEs. The update provides new features, enhancements, bug fixes, and updated container images. The advisory highlights fixes for issues such as operator installation UI problems, pod crashes, race conditions in metric collection, and other stability and security improvements. No known exploits are reported in the wild. The update is classified as a moderate security advisory by Red Hat with a high severity rating in this report. Patch status is not explicitly confirmed in the advisory content, but updated container images are provided, indicating remediation is available through updating to the 2. 13. 5 release.

Red Hat Quay 3. 16. 0 addresses multiple security vulnerabilities identified by CVE-2024-34156 and three additional CVEs from 2025. The advisory indicates that this release includes important bug fixes and security updates. The vulnerabilities are associated with CWEs 674 (Improper Control of a Resource Through its Lifetime) and 770 (Allocation of Resources Without Limits or Throttling). No known exploits are reported in the wild. The vendor advisory does not provide a CVSS score but classifies the severity as high. The update is available as Red Hat Quay 3. 16. 0, and users are advised to apply this update after ensuring all previous relevant errata are installed.

Red Hat Advanced Cluster Management for Kubernetes version 2. 13. 5 includes a security update addressing multiple vulnerabilities. The update provides new features, enhancements, bug fixes, and updated container images. The advisory references seven CVEs, including CVE-2025-7195 and others, affecting the product. No known exploits in the wild have been reported. The update is classified as high severity. The vendor advisory does not explicitly state the patch availability status but provides updated container images as part of the release. Users are advised to apply this update after ensuring previous relevant errata are applied.

Red Hat OpenShift GitOps version 1. 17. 4 includes multiple security fixes addressing vulnerabilities such as SSH client panics, unbounded memory allocation, and denial of service via uncontrolled recursion and lack of data size checks. These issues affect components like argocd-agent, argocd, dex, and argocd-extensions. The update resolves six CVEs including CVE-2025-47913 and CVE-2025-68156. The advisory emphasizes applying this update after all prior relevant errata have been installed.

Red Hat Quay 3. 15. 3 is a security update addressing multiple vulnerabilities and bugs. The advisory references CVE-2024-34156 among 15 other CVEs, indicating a collection of security issues fixed in this release. The update includes fixes for UI bugs and security-related issues identified in previous versions. No known exploits are reported in the wild for these vulnerabilities. The advisory does not provide detailed technical descriptions or CVSS scores for the individual CVEs. The update is classified as important with a high severity level.

Red Hat Multicluster Global Hub 1. 6. 2 includes a security update addressing multiple vulnerabilities identified by several CVEs. The product enables management of multiple hub clusters from a single hub cluster. The update is rated with an Important security impact by Red Hat Product Security. The advisory references a set of 10 CVEs including CVE-2025-47907 and others, but does not provide detailed technical descriptions or CVSS scores for these vulnerabilities. No known exploits in the wild have been reported. The update includes security fixes, bug fixes, and updated container images.