Threats Tagged 'cve-2026-29074'

Red Hat Ansible Automation Platform 2. 5 for RHEL 8 and 9 contains multiple security vulnerabilities including account hijacking via unverified email linking, denial of service through malformed HTML-like sequences and XML entity expansion, remote code execution via path traversal, memory exhaustion, and parsing errors. These issues affect various components such as automation-controller, automation-gateway, python libraries, and receptor. Red Hat has released an important security advisory (RHSA-2026:13512) addressing these vulnerabilities with updated packages. Users of affected versions should apply the provided updates to remediate these issues.

Red Hat Quay 3. 9. 20 is a security advisory issued by Red Hat Product Security addressing multiple vulnerabilities identified by eight CVEs including CVE-2026-4599. The advisory indicates the release of version 3. 9. 20 containing bug fixes but does not specify detailed technical information or explicit fixes for these vulnerabilities. No known exploits in the wild have been reported. The advisory recommends applying this update after ensuring all previous relevant errata are applied.

Red Hat has issued a security advisory for Red Hat Ansible Automation Platform 2. 6 container release update addressing multiple vulnerabilities. The update includes fixes for a total of 24 CVEs affecting the platform, which provides an enterprise framework for IT automation. The advisory emphasizes applying all previously released errata before this update. No known exploits are reported in the wild. The vulnerabilities cover a broad range of weaknesses as indicated by multiple CWE identifiers. The update is classified with high severity.

Red Hat Developer Hub (RHDH) version 1. 9. 4 addresses multiple critical security vulnerabilities affecting its enterprise-grade developer portal platform. RHDH is a self-managed, customizable portal based on Backstage. io, supporting major Kubernetes clusters. The advisory references 25 CVEs including CVE-2025-62718 and others, indicating a broad set of security issues. The vendor has released RHDH 1. 9. 4 to fix these vulnerabilities. No known exploits are reported in the wild at this time.

Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. For details about this release, refer to the release notes listed in the References section.

Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. For details about this release, refer to the release notes listed in the References section.

Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. For details about this release, refer to the release notes listed in the References section.

Release of RHOAI 2.16.4 provides these changes:

Quay 3.15.4

The Red Hat Trusted Artifact Signer (RHTAS) Operator version 1. 3. 4 is associated with multiple vulnerabilities, including CVE-2025-68121 and seven others. It is designed for use with OpenShift Container Platform versions 4. 16 through 4. 21 to facilitate cryptographic signing and verification of software artifacts. The advisory does not specify any fixes or patches for these vulnerabilities. No known exploits are reported in the wild. The vulnerabilities have been classified with a high severity level by the source, but no CVSS score is provided.