Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

RED HAT — Vulnerabilities & Security Advisories 710

Browse all 710 CVE security advisories affecting RED HAT. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Red Hat operates primarily as a provider of open-source enterprise software solutions, most notably its Linux operating system and container platforms. With 688 recorded Common Vulnerabilities and Exposures, the organization’s historical attack surface frequently involves remote code execution, cross-site scripting, and privilege escalation flaws within its middleware and management tools. These vulnerabilities often stem from complex codebases and third-party dependencies integrated into its distribution. Security characteristics are defined by a rigorous patching lifecycle and the Red Hat Security Response Team, which issues timely advisories for critical issues. While major public breaches directly attributed to Red Hat core infrastructure are rare, individual component flaws have occasionally allowed attackers to gain unauthorized access or execute arbitrary commands. The company maintains a strong reputation for transparency, providing detailed technical guidance to help administrators mitigate risks associated with its widely deployed enterprise technologies.

Top products by RED HAT: Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 6 Ansible Red Hat build of Keycloak 26.4 Red Hat Enterprise Linux 9 keycloak Red Hat Hardened Images Red Hat Build of Keycloak Red Hat build of Keycloak 26.2 Red Hat Enterprise Linux 7 glusterfs kernel newlib undertow Red Hat Single Sign-On 7 Red Hat Ansible Automation Platform 2.5 for RHEL 8 OpenShift samba Red Hat Ansible Automation Platform 2.4 for RHEL 8 ipa cloudforms cfme Red Hat Quay 3 Red Hat Advanced Cluster Security 4.2 wildfly Red Hat build of Apache Camel for Spring Boot 4 Red Hat Ansible Automation Platform 2 Red Hat Quay 3.16 Red Hat Satellite 6.16 for RHEL 8
CVE IDTitleCVSSSeverityPublished
CVE-2025-12543 Undertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf — Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11CWE-20 9.6 Critical2026-01-07
CVE-2025-14946 Libnbd: libnbd: arbitrary code execution via ssh argument injection through a malicious uri — libnbdCWE-88 4.8 Medium2025-12-19
CVE-2025-14443 Ose-openshift-apiserver: openshift api server: server-side request forgery (ssrf) vulnerability in imagestreamimport mechanism — Red Hat OpenShift Container Platform 4CWE-918 6.4 Medium2025-12-16
CVE-2025-14777 Keycloak: keycloak idor in realm client creating/deleting — Red Hat build of Keycloak 26.4CWE-289 6.0 Medium2025-12-16
CVE-2025-11393 Insights-runtimes-tech-preview/runtimes-inventory-rhel8-operator: improper proxy configuration allows unauthorized administrative commands — Red Hat Lightspeed (formerly Insights) for Runtimes 1.0CWE-441 8.7 High2025-12-15
CVE-2025-14523 Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins) — Red Hat Enterprise Linux 10CWE-444 8.2 High2025-12-11
CVE-2025-14082 Keycloak-services: keycloak admin rest api: improper access control leads to sensitive role metadata information disclosure — Red Hat build of Keycloak 26.4CWE-284 2.7 Low2025-12-10
CVE-2024-3884 Undertow: outofmemory when parsing form data encoding with application/x-www-form-urlencoded — Red Hat JBoss Enterprise Application PlatformCWE-20 7.5 High2025-12-03
CVE-2025-57850 Codeready-ws: privilege escalation via excessive /etc/passwd permissions — Red Hat OpenShift Dev SpacesCWE-276 6.4 Medium2025-12-02
CVE-2021-4472 Python-mistralclient: mistral-dashboard: local file inclusion through the 'create workbook' feature — Red Hat OpenStack Platform 13 (Queens)CWE-73 6.5 Medium2025-11-26
CVE-2025-12789 Rhsso: open redirect — Red Hat Single Sign-On 7CWE-601 6.1 Medium2025-11-06
CVE-2025-12103 Openshift-ai: trusty ai grants all authenticated users to list pods in any namespace — Red Hat OpenShift AI 2.25CWE-266 5.0 Medium2025-10-28
CVE-2025-57848 Container-native-virtualization: privilege escalation via excessive /etc/passwd permissions — Red Hat OpenShift Virtualization 4CWE-276 6.4 Medium2025-10-23
CVE-2025-6242 Vllm: server side request forgery (ssrf) in mediaconnector — Red Hat AI Inference ServerCWE-918 7.1 High2025-10-07
CVE-2025-7493 Freeipa: idm: privilege escalation from host to domain admin in freeipa — Red Hat Enterprise Linux 10CWE-1220 9.1 Critical2025-09-30
CVE-2025-57852 Openshift-ai: privilege escalation via excessive /etc/passwd permissions — Red Hat OpenShift AI 2.16CWE-276 6.4 Medium2025-09-30
CVE-2025-5962 Rhel-lightspeed: improper access control in lightspeed history management allows local privilege manipulation — Red Hat Enterprise Linux 10CWE-284 7.7 High2025-09-22
CVE-2025-9901 Libsoup: improper handling of http vary header in libsoup caching — Red Hat Enterprise Linux 10CWE-524 5.9 Medium2025-09-03
CVE-2025-7039 Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file() — Red Hat Enterprise Linux 10CWE-22 3.7 Low2025-09-03
CVE-2025-4437 Cri-o: large /etc/passwd file may lead to denial of service — Red Hat OpenShift Container Platform 4CWE-770 5.7 Medium2025-08-20
CVE-2025-7777 Mirror-registry: host header injection in mirror-registry — mirror registry for Red Hat OpenShift 6.5 Medium2025-08-20
CVE-2025-5417 Rhdh: red hat developer hub user permissions — Red Hat Developer HubCWE-266 6.1 Medium2025-08-19
CVE-2025-53861 Aap: sensitive cookie(s) set without security flags — Red Hat Ansible Automation Platform 2CWE-319 3.1 Low2025-07-11
CVE-2025-53862 Aap: aap-gateway: automation-hub: sensitive information disclosure — Red Hat Ansible Automation Platform 2CWE-497 3.5 Low2025-07-11
CVE-2025-6920 Ai-inference-server: authentication bypass via unprotected inference endpoint in api — Red Hat AI Inference ServerCWE-306 5.3 Medium2025-07-01
CVE-2025-49520 Event-driven-ansible: authenticated argument injection in git url in eda project creation — Red Hat Ansible Automation Platform 2.5 for RHEL 8CWE-88 8.8 High2025-06-30
CVE-2025-49521 Event-driven-ansible: template injection via git branch and refspec in eda projects — Red Hat Ansible Automation Platform 2.5 for RHEL 8CWE-94 8.8 High2025-06-30
CVE-2025-5731 Infinispan: credential leakage in infinispan cli — infinispanCWE-209 5.5 Medium2025-06-26
CVE-2025-5416 Keycloak-core: keycloak environment information — Red Hat Build of KeycloakCWE-497 2.7 Low2025-06-20
CVE-2025-6052 Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstring — Red Hat Enterprise Linux 10CWE-190 3.7 Low2025-06-13

This page lists every published CVE security advisory associated with RED HAT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.