Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-7338 (GCVE-0-2025-7338)
Vulnerability from cvelistv5 – Published: 2025-07-17 15:26 – Updated: 2025-07-17 16:48
VLAI
EPSS
Title
Multer vulnerable to Denial of Service via unhandled exception from malformed request
Summary
Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.2 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to version 2.0.2 to receive a patch. No known workarounds are available.
Severity
7.5 (High)
CWE
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7338",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T16:48:34.245218Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T16:48:43.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "multer",
"vendor": "expressjs",
"versions": [
{
"lessThan": "2.0.2",
"status": "affected",
"version": "1.4.4-lts.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.2 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to version 2.0.2 to receive a patch. No known workarounds are available."
}
],
"value": "Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.2 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to version 2.0.2 to receive a patch. No known workarounds are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T15:26:45.427Z",
"orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"shortName": "openjs"
},
"references": [
{
"url": "https://github.com/expressjs/multer/security/advisories/GHSA-fjgf-rc76-4x9p"
},
{
"url": "https://github.com/expressjs/multer/commit/adfeaf669f0e7fe953eab191a762164a452d143b"
},
{
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Multer vulnerable to Denial of Service via unhandled exception from malformed request",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
"assignerShortName": "openjs",
"cveId": "CVE-2025-7338",
"datePublished": "2025-07-17T15:26:45.427Z",
"dateReserved": "2025-07-07T20:01:12.534Z",
"dateUpdated": "2025-07-17T16:48:43.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-7338",
"date": "2026-05-31",
"epss": "0.0004",
"percentile": "0.12598"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-7338\",\"sourceIdentifier\":\"ce714d77-add3-4f53-aff5-83d477b104bb\",\"published\":\"2025-07-17T16:15:35.227\",\"lastModified\":\"2025-07-17T21:15:50.197\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.2 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to version 2.0.2 to receive a patch. No known workarounds are available.\"},{\"lang\":\"es\",\"value\":\"Multer es un middleware de Node.js para gestionar `multipart/form-data`. Una vulnerabilidad presente a partir de la versi\u00f3n 1.4.4-lts.1 y anteriores a la 2.0.2 permite a un atacante activar una denegaci\u00f3n de servicio (DoS) mediante el env\u00edo de una solicitud de carga multiparte malformada. Esta solicitud provoca una excepci\u00f3n no controlada, lo que provoca un bloqueo del proceso. Los usuarios deben actualizar a la versi\u00f3n 2.0.2 para recibir un parche. No se conocen soluciones alternativas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ce714d77-add3-4f53-aff5-83d477b104bb\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"ce714d77-add3-4f53-aff5-83d477b104bb\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-248\"}]}],\"references\":[{\"url\":\"https://cna.openjsf.org/security-advisories.html\",\"source\":\"ce714d77-add3-4f53-aff5-83d477b104bb\"},{\"url\":\"https://github.com/expressjs/multer/commit/adfeaf669f0e7fe953eab191a762164a452d143b\",\"source\":\"ce714d77-add3-4f53-aff5-83d477b104bb\"},{\"url\":\"https://github.com/expressjs/multer/security/advisories/GHSA-fjgf-rc76-4x9p\",\"source\":\"ce714d77-add3-4f53-aff5-83d477b104bb\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-7338\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-17T16:48:34.245218Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-17T16:48:38.891Z\"}}], \"cna\": {\"title\": \"Multer vulnerable to Denial of Service via unhandled exception from malformed request\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"expressjs\", \"product\": \"multer\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.4.4-lts.1\", \"lessThan\": \"2.0.2\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/expressjs/multer/security/advisories/GHSA-fjgf-rc76-4x9p\"}, {\"url\": \"https://github.com/expressjs/multer/commit/adfeaf669f0e7fe953eab191a762164a452d143b\"}, {\"url\": \"https://cna.openjsf.org/security-advisories.html\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.2 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to version 2.0.2 to receive a patch. No known workarounds are available.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.2 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to version 2.0.2 to receive a patch. No known workarounds are available.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-248\", \"description\": \"CWE-248\"}]}], \"providerMetadata\": {\"orgId\": \"ce714d77-add3-4f53-aff5-83d477b104bb\", \"shortName\": \"openjs\", \"dateUpdated\": \"2025-07-17T15:26:45.427Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-7338\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-17T16:48:43.154Z\", \"dateReserved\": \"2025-07-07T20:01:12.534Z\", \"assignerOrgId\": \"ce714d77-add3-4f53-aff5-83d477b104bb\", \"datePublished\": \"2025-07-17T15:26:45.427Z\", \"assignerShortName\": \"openjs\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2025:14090
Vulnerability from csaf_redhat - Published: 2025-08-19 11:33 - Updated: 2026-05-12 11:14Summary
Red Hat Security Advisory: Red Hat Developer Hub 1.7.0 release.
Severity
Important
Notes
Topic: Red Hat Developer Hub 1.7.0 has been released.
Details: Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
An insufficient access control vulnerability was found in the Red Hat Developer Hub rhdh/rhdh-hub-rhel9 container image. The Red Hat Developer Hub cluster admin/user, who has standard user access to the cluster, and the Red Hat Developer Hub namespace, can access the rhdh/rhdh-hub-rhel9 container image and modify the image's content. This issue affects the confidentiality and integrity of the data, and any changes made are not permanent, as they reset after the pod restarts.
6.1 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the npm pbkdf2 library, allowing signature spoofing. When executing in javascript engines other than Nodejs or Nodejs when importing pbkdf2/browser, certain algorithms will silently fail and return invalid data. The return values are predictable, which undermines the security guarantees of the package.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64 | — |
Threats
Impact
Important
A denial of service vulnerability was found in the Multer NPM library. This vulnerability allows an attacker to trigger a denial of service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, resulting in a process crash.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in proxy host matching. This vulnerability allows improper bypassing of proxy settings via manipulating an IPv6 zone ID, causing unintended matches against the NO_PROXY environment variable.
4.4 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found http-proxy-middleware. This vulnerability affects http-proxy-middleware versions where the writeBody function can be called twice due to improper control flow handling.
4.0 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in http-proxy-middleware. The issue occurs because the fixRequestBody function proceeds even when bodyParser has failed, which could lead to unintended behavior.
4.0 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in tar-fs. This vulnerability allows files to be written outside the intended extraction directory via specially crafted tar archives. The issue arises from insufficient path validation during tarball extraction, potentially enabling path traversal attacks that can overwrite arbitrary files on the system.
7.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64 | — |
Workaround
|
Threats
Impact
Important
An unhandled exception flaw was found in multer. This issue allows an attacker to trigger an application level denial of service by sending an upload file request with an empty string field name, which triggers an exception in processing that is not properly handled. This issue will lead to a program crash.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A signature verification flaw was found in the npm @node-saml/node-saml library. This flaw allows an attacker who has access to a validly signed document from the identity provider (IdP) to alter the content of the document, modify the details within the document, and have the modifications be accepted.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64 | — |
Workaround
|
Threats
Impact
Important
References
80 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Developer Hub 1.7.0 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Developer Hub (RHDH) is Red Hat\u0027s enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:14090",
"url": "https://access.redhat.com/errata/RHSA-2025:14090"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22870",
"url": "https://access.redhat.com/security/cve/CVE-2025-22870"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-32996",
"url": "https://access.redhat.com/security/cve/CVE-2025-32996"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-32997",
"url": "https://access.redhat.com/security/cve/CVE-2025-32997"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-48387",
"url": "https://access.redhat.com/security/cve/CVE-2025-48387"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-48997",
"url": "https://access.redhat.com/security/cve/CVE-2025-48997"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-5417",
"url": "https://access.redhat.com/security/cve/CVE-2025-5417"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-54419",
"url": "https://access.redhat.com/security/cve/CVE-2025-54419"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6545",
"url": "https://access.redhat.com/security/cve/CVE-2025-6545"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-7338",
"url": "https://access.redhat.com/security/cve/CVE-2025-7338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh",
"url": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh"
},
{
"category": "external",
"summary": "https://developers.redhat.com/rhdh/overview",
"url": "https://developers.redhat.com/rhdh/overview"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_developer_hub",
"url": "https://docs.redhat.com/en/documentation/red_hat_developer_hub"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-6469",
"url": "https://issues.redhat.com/browse/RHIDP-6469"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-6470",
"url": "https://issues.redhat.com/browse/RHIDP-6470"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-6937",
"url": "https://issues.redhat.com/browse/RHIDP-6937"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_14090.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Developer Hub 1.7.0 release.",
"tracking": {
"current_release_date": "2026-05-12T11:14:42+00:00",
"generator": {
"date": "2026-05-12T11:14:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2025:14090",
"initial_release_date": "2025-08-19T11:33:06+00:00",
"revision_history": [
{
"date": "2025-08-19T11:33:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-08-19T11:33:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-12T11:14:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Developer Hub 1.7",
"product": {
"name": "Red Hat Developer Hub 1.7",
"product_id": "Red Hat Developer Hub 1.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhdh:1.7::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Developer Hub"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-hub-rhel9@sha256%3Aaa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1.7.0-1754936470"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-rhel9-operator@sha256%3A72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1.7.0-1754935808"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-operator-bundle@sha256%3A7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1.7.0-1754942441"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64 as a component of Red Hat Developer Hub 1.7",
"product_id": "Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64 as a component of Red Hat Developer Hub 1.7",
"product_id": "Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64 as a component of Red Hat Developer Hub 1.7",
"product_id": "Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-5417",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2025-05-31T22:35:41+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369602"
}
],
"notes": [
{
"category": "description",
"text": "An insufficient access control vulnerability was found in the Red Hat\nDeveloper Hub rhdh/rhdh-hub-rhel9 container image. The Red Hat Developer Hub cluster admin/user, who has standard user access to the cluster, and the Red Hat Developer Hub namespace, can access the\nrhdh/rhdh-hub-rhel9 container image and modify the image\u0027s content. This issue affects the confidentiality and integrity of the data, and any changes made are not permanent, as they reset after the pod restarts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhdh: Red Hat Developer Hub user permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Developer Hub 1.6 is not affected by this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5417"
},
{
"category": "external",
"summary": "RHBZ#2369602",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369602"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5417",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5417"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5417",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5417"
}
],
"release_date": "2025-08-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-19T11:33:06+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:14090"
},
{
"category": "workaround",
"details": "Red Hat Developer Hub 1.5 contains mitigation guidelines present at https://docs.redhat.com/en/documentation/red_hat_developer_hub/1.5/html/configuring_red_hat_developer_hub/readonlyrootfilesystem",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rhdh: Red Hat Developer Hub user permissions"
},
{
"cve": "CVE-2025-6545",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-06-23T19:00:51.575615+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2374370"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm pbkdf2 library, allowing signature spoofing. When executing in javascript engines other than Nodejs or Nodejs when importing pbkdf2/browser, certain algorithms will silently fail and return invalid data. The return values are predictable, which undermines the security guarantees of the package.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pbkdf2: pbkdf2 silently returns predictable key material",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated important because it causes the pbkdf2 module to quietly return weak or zero-filled keys when certain algorithm names are used incorrectly in browsers or bundled code, this causes the function to silently return a predictable value (such as a zero-filled buffer or uninitialized memory) instead of a securely derived key, completely undermining the confidentiality and integrity of any cryptographic operation where attackers could guess or reuse these keys to access or change protected data.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6545"
},
{
"category": "external",
"summary": "RHBZ#2374370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374370"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6545",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6545"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6545",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6545"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/commit/9699045c37a07f8319cfb8d44e2ff4252d7a7078",
"url": "https://github.com/browserify/pbkdf2/commit/9699045c37a07f8319cfb8d44e2ff4252d7a7078"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb",
"url": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-h7cp-r72f-jxh6",
"url": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-h7cp-r72f-jxh6"
}
],
"release_date": "2025-06-23T18:41:18.771000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-19T11:33:06+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:14090"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pbkdf2: pbkdf2 silently returns predictable key material"
},
{
"cve": "CVE-2025-7338",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2025-07-17T16:00:55.704118+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2381726"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Multer NPM library. This vulnerability allows an attacker to trigger a denial of service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, resulting in a process crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "multer: Multer Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-7338"
},
{
"category": "external",
"summary": "RHBZ#2381726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2381726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-7338",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-7338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7338"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/expressjs/multer/commit/adfeaf669f0e7fe953eab191a762164a452d143b",
"url": "https://github.com/expressjs/multer/commit/adfeaf669f0e7fe953eab191a762164a452d143b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/multer/security/advisories/GHSA-fjgf-rc76-4x9p",
"url": "https://github.com/expressjs/multer/security/advisories/GHSA-fjgf-rc76-4x9p"
}
],
"release_date": "2025-07-17T15:26:45.427000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-19T11:33:06+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:14090"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "multer: Multer Denial of Service"
},
{
"cve": "CVE-2025-22870",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-03-12T19:00:59.178193+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2351766"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in proxy host matching. This vulnerability allows improper bypassing of proxy settings via manipulating an IPv6 zone ID, causing unintended matches against the NO_PROXY environment variable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/proxy: golang.org/x/net/http/httpproxy: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22870"
},
{
"category": "external",
"summary": "RHBZ#2351766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351766"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22870",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22870"
},
{
"category": "external",
"summary": "https://go.dev/cl/654697",
"url": "https://go.dev/cl/654697"
},
{
"category": "external",
"summary": "https://go.dev/issue/71984",
"url": "https://go.dev/issue/71984"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3503",
"url": "https://pkg.go.dev/vuln/GO-2025-3503"
}
],
"release_date": "2025-03-12T18:27:59.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-19T11:33:06+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:14090"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/proxy: golang.org/x/net/http/httpproxy: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net"
},
{
"cve": "CVE-2025-32996",
"cwe": {
"id": "CWE-670",
"name": "Always-Incorrect Control Flow Implementation"
},
"discovery_date": "2025-04-15T03:00:44.384011+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2359627"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found http-proxy-middleware. This vulnerability affects http-proxy-middleware versions where the writeBody function can be called twice due to improper control flow handling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http-proxy-middleware: Always-Incorrect Control Flow Implementation in http-proxy-middleware",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32996"
},
{
"category": "external",
"summary": "RHBZ#2359627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359627"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32996"
},
{
"category": "external",
"summary": "https://github.com/chimurai/http-proxy-middleware/commit/020976044d113fc0bcbbaf995e91d05e2829a145",
"url": "https://github.com/chimurai/http-proxy-middleware/commit/020976044d113fc0bcbbaf995e91d05e2829a145"
},
{
"category": "external",
"summary": "https://github.com/chimurai/http-proxy-middleware/pull/1089",
"url": "https://github.com/chimurai/http-proxy-middleware/pull/1089"
},
{
"category": "external",
"summary": "https://github.com/chimurai/http-proxy-middleware/releases/tag/v2.0.8",
"url": "https://github.com/chimurai/http-proxy-middleware/releases/tag/v2.0.8"
},
{
"category": "external",
"summary": "https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.4",
"url": "https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.4"
}
],
"release_date": "2025-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-19T11:33:06+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:14090"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http-proxy-middleware: Always-Incorrect Control Flow Implementation in http-proxy-middleware"
},
{
"cve": "CVE-2025-32997",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"discovery_date": "2025-04-15T03:00:47.160071+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2359628"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in http-proxy-middleware. The issue occurs because the fixRequestBody function proceeds even when bodyParser has failed, which could lead to unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http-proxy-middleware: Improper Check for Unusual or Exceptional Conditions in http-proxy-middleware",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32997"
},
{
"category": "external",
"summary": "RHBZ#2359628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359628"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32997"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32997",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32997"
},
{
"category": "external",
"summary": "https://github.com/chimurai/http-proxy-middleware/commit/1bdccbeec243850f1d2bb50ea0ff2151e725d67e",
"url": "https://github.com/chimurai/http-proxy-middleware/commit/1bdccbeec243850f1d2bb50ea0ff2151e725d67e"
},
{
"category": "external",
"summary": "https://github.com/chimurai/http-proxy-middleware/pull/1096",
"url": "https://github.com/chimurai/http-proxy-middleware/pull/1096"
},
{
"category": "external",
"summary": "https://github.com/chimurai/http-proxy-middleware/releases/tag/v2.0.9",
"url": "https://github.com/chimurai/http-proxy-middleware/releases/tag/v2.0.9"
},
{
"category": "external",
"summary": "https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.5",
"url": "https://github.com/chimurai/http-proxy-middleware/releases/tag/v3.0.5"
}
],
"release_date": "2025-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-19T11:33:06+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:14090"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http-proxy-middleware: Improper Check for Unusual or Exceptional Conditions in http-proxy-middleware"
},
{
"cve": "CVE-2025-48387",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-02T20:00:45.526571+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369875"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in tar-fs. This vulnerability allows files to be written outside the intended extraction directory via specially crafted tar archives. The issue arises from insufficient path validation during tarball extraction, potentially enabling path traversal attacks that can overwrite arbitrary files on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tar-fs: tar-fs has issue where extract can write outside the specified dir with a specific tarball",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in tar-fs is Important not a moderate flaw, primarily due to its ability to bypass directory confinement during tarball extraction. The core issue\u2014path traversal via crafted archive entries\u2014allows attackers to write files outside the intended extraction directory, potentially overwriting system files, configuration files, or injecting malicious scripts into sensitive locations. Unlike moderate flaws that may require specific conditions or user interaction to exploit, this vulnerability can be triggered automatically in server-side environments that extract user-supplied tar files (e.g., CI/CD systems, deployment tools, or file upload handlers). Its exploitation could lead to remote code execution, privilege escalation, or denial of service, depending on the context.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48387"
},
{
"category": "external",
"summary": "RHBZ#2369875",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369875"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48387"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48387",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48387"
},
{
"category": "external",
"summary": "https://github.com/mafintosh/tar-fs/commit/647447b572bc135c41035e82ca7b894f02b17f0f",
"url": "https://github.com/mafintosh/tar-fs/commit/647447b572bc135c41035e82ca7b894f02b17f0f"
},
{
"category": "external",
"summary": "https://github.com/mafintosh/tar-fs/security/advisories/GHSA-8cj5-5rvv-wf4v",
"url": "https://github.com/mafintosh/tar-fs/security/advisories/GHSA-8cj5-5rvv-wf4v"
}
],
"release_date": "2025-06-02T19:20:18.220000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-19T11:33:06+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:14090"
},
{
"category": "workaround",
"details": "Mitigation is either unavailable or does not meet Red Hat Product Security standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tar-fs: tar-fs has issue where extract can write outside the specified dir with a specific tarball"
},
{
"cve": "CVE-2025-48997",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2025-06-03T19:01:06.246004+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370084"
}
],
"notes": [
{
"category": "description",
"text": "An unhandled exception flaw was found in multer. This issue allows an attacker to trigger an application level denial of service by sending an upload file request with an empty string field name, which triggers an exception in processing that is not properly handled. This issue will lead to a program crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "multer: Multer vulnerable to Denial of Service via unhandled exception",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The denial of service impact is limited to the program that integrates multer. The host operating system is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48997"
},
{
"category": "external",
"summary": "RHBZ#2370084",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370084"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48997"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48997",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48997"
},
{
"category": "external",
"summary": "https://github.com/expressjs/multer/commit/35a3272b611945155e046dd5cef11088587635e9",
"url": "https://github.com/expressjs/multer/commit/35a3272b611945155e046dd5cef11088587635e9"
},
{
"category": "external",
"summary": "https://github.com/expressjs/multer/issues/1233",
"url": "https://github.com/expressjs/multer/issues/1233"
},
{
"category": "external",
"summary": "https://github.com/expressjs/multer/pull/1256",
"url": "https://github.com/expressjs/multer/pull/1256"
},
{
"category": "external",
"summary": "https://github.com/expressjs/multer/security/advisories/GHSA-g5hg-p3ph-g8qg",
"url": "https://github.com/expressjs/multer/security/advisories/GHSA-g5hg-p3ph-g8qg"
}
],
"release_date": "2025-06-03T18:21:59.527000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-19T11:33:06+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:14090"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "multer: Multer vulnerable to Denial of Service via unhandled exception"
},
{
"cve": "CVE-2025-54419",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-07-28T20:02:41.635540+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2384049"
}
],
"notes": [
{
"category": "description",
"text": "A signature verification flaw was found in the npm @node-saml/node-saml library. This flaw allows an attacker who has access to a validly signed document from the identity provider (IdP) to alter the content of the document, modify the details within the document, and have the modifications be accepted.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "@node-saml/node-saml: Node-SAML Signature Verification Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a Important impact authn-bypass, not a Moderate bug, because it breaks the core trust boundary of SAML: the service provider (SP) makes authorization decisions based on an assertion it believes is protected by the IdP\u2019s XML signature. In @node-saml/node-saml \u22645.0.1, the library verifies the signature over one part of the response but then parses/uses fields from the original, unsigned document, a classic signature-wrapping/mismatch flaw. An attacker who possesses any validly signed SAML response (e.g., their own login, a captured response, or one from a lower-privileged account) can alter critical elements\u2014such as the Subject/NameID (e.g., drop a character to map to a different user), group/role attributes, AuthnContext, or Conditions\u2014without invalidating the signature, and the SP will accept the modified values. That enables account takeover, privilege escalation, MFA/step-up bypass (via AuthnContext changes), and policy circumvention across every SP relying on this library. The only prerequisite is access to a single signed response; no IdP compromise is required.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-54419"
},
{
"category": "external",
"summary": "RHBZ#2384049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2384049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-54419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54419"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-54419",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54419"
},
{
"category": "external",
"summary": "https://github.com/node-saml/node-saml/commit/31ead9411ebc3e2385086fa9149b6c17732bca10",
"url": "https://github.com/node-saml/node-saml/commit/31ead9411ebc3e2385086fa9149b6c17732bca10"
},
{
"category": "external",
"summary": "https://github.com/node-saml/node-saml/releases/tag/v5.1.0",
"url": "https://github.com/node-saml/node-saml/releases/tag/v5.1.0"
},
{
"category": "external",
"summary": "https://github.com/node-saml/node-saml/security/advisories/GHSA-4mxg-3p6v-xgq3",
"url": "https://github.com/node-saml/node-saml/security/advisories/GHSA-4mxg-3p6v-xgq3"
}
],
"release_date": "2025-07-28T19:47:46.584000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-19T11:33:06+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:14090"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:aa3c5b50c65aee51b932fafcbf479ce54f15496cffc2744860bd9e135cce815c_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7dad33bce18ec8417e9345ce8cdd39f3c9bfd637cecc8ce6750fa3e5279dc06b_amd64",
"Red Hat Developer Hub 1.7:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:72beabd2760976369736af8c22388b030603f9d503020aa581f4b8ec1c50c740_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "@node-saml/node-saml: Node-SAML Signature Verification Vulnerability"
}
]
}
RHSA-2025:14767
Vulnerability from csaf_redhat - Published: 2025-08-27 15:50 - Updated: 2026-03-25 00:37Summary
Red Hat Security Advisory: Red Hat Developer Hub 1.6.4 release.
Severity
Important
Notes
Topic: Red Hat Developer Hub 1.6.4 has been released.
Details: Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A denial of service vulnerability was found in the Multer NPM library. This vulnerability allows an attacker to trigger a denial of service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, resulting in a process crash.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64 | — |
Workaround
|
Threats
Impact
Moderate
An improper input validation vulnerability was found in the cipher-base npm package. Missing input type checks in the polyfill of the Node.js `createHash` function result in invalid value calculations, hanging and rewinding the hash state, including turning a tagged hash into an untagged hash, for malicious JSON-stringifyable inputs.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64 | — |
Workaround
|
Threats
Impact
Important
A vulnerability was found in sha.js, where the hashing implementation does not perform sufficient input type validation. The .update() function accepts arbitrary objects, including those with crafted length properties, which can alter the internal state machine of the hashing process. This flaw may result in unexpected behavior such as rewinding the hash state, producing inconsistent digest outputs, or entering invalid processing loops. The issue was introduced due to the reliance on JavaScript object coercion rules rather than enforcing strict buffer or string inputs.
7.7 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64 | — |
Workaround
|
Threats
Impact
Important
References
31 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Developer Hub 1.6.4 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Developer Hub (RHDH) is Red Hat\u0027s enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:14767",
"url": "https://access.redhat.com/errata/RHSA-2025:14767"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-7338",
"url": "https://access.redhat.com/security/cve/CVE-2025-7338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9287",
"url": "https://access.redhat.com/security/cve/CVE-2025-9287"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9288",
"url": "https://access.redhat.com/security/cve/CVE-2025-9288"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh",
"url": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh"
},
{
"category": "external",
"summary": "https://developers.redhat.com/rhdh/overview",
"url": "https://developers.redhat.com/rhdh/overview"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_developer_hub",
"url": "https://docs.redhat.com/en/documentation/red_hat_developer_hub"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-8263",
"url": "https://issues.redhat.com/browse/RHIDP-8263"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-8678",
"url": "https://issues.redhat.com/browse/RHIDP-8678"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-8684",
"url": "https://issues.redhat.com/browse/RHIDP-8684"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_14767.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Developer Hub 1.6.4 release.",
"tracking": {
"current_release_date": "2026-03-25T00:37:01+00:00",
"generator": {
"date": "2026-03-25T00:37:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2025:14767",
"initial_release_date": "2025-08-27T15:50:11+00:00",
"revision_history": [
{
"date": "2025-08-27T15:50:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-08-27T15:50:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-25T00:37:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Developer Hub 1.6",
"product": {
"name": "Red Hat Developer Hub 1.6",
"product_id": "Red Hat Developer Hub 1.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhdh:1.6::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Developer Hub"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-hub-rhel9@sha256%3A48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1.6.4-1756241191"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-rhel9-operator@sha256%3A555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1.6.4-1756218204"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-operator-bundle@sha256%3A7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1.6.4-1756244632"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64 as a component of Red Hat Developer Hub 1.6",
"product_id": "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64 as a component of Red Hat Developer Hub 1.6",
"product_id": "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64 as a component of Red Hat Developer Hub 1.6",
"product_id": "Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-7338",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2025-07-17T16:00:55.704118+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2381726"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Multer NPM library. This vulnerability allows an attacker to trigger a denial of service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, resulting in a process crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "multer: Multer Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-7338"
},
{
"category": "external",
"summary": "RHBZ#2381726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2381726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-7338",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-7338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7338"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/expressjs/multer/commit/adfeaf669f0e7fe953eab191a762164a452d143b",
"url": "https://github.com/expressjs/multer/commit/adfeaf669f0e7fe953eab191a762164a452d143b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/multer/security/advisories/GHSA-fjgf-rc76-4x9p",
"url": "https://github.com/expressjs/multer/security/advisories/GHSA-fjgf-rc76-4x9p"
}
],
"release_date": "2025-07-17T15:26:45.427000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-27T15:50:11+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:14767"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "multer: Multer Denial of Service"
},
{
"cve": "CVE-2025-9287",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-08-20T22:00:53.821394+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2389932"
}
],
"notes": [
{
"category": "description",
"text": "An improper input validation vulnerability was found in the cipher-base npm package. Missing input type checks in the polyfill of the Node.js `createHash` function result in invalid\u00a0value calculations,\u00a0hanging and\u00a0rewinding the\u00a0hash state, including\u00a0turning a tagged hash\u00a0into an untagged\u00a0hash, for malicious JSON-stringifyable\u00a0inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cipher-base: Cipher-base hash manipulation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9287"
},
{
"category": "external",
"summary": "RHBZ#2389932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389932"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287"
},
{
"category": "external",
"summary": "https://github.com/browserify/cipher-base/pull/23",
"url": "https://github.com/browserify/cipher-base/pull/23"
},
{
"category": "external",
"summary": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc",
"url": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc"
}
],
"release_date": "2025-08-20T21:43:56.548000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-27T15:50:11+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:14767"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cipher-base: Cipher-base hash manipulation"
},
{
"cve": "CVE-2025-9288",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-08-20T23:00:56.263191+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2389980"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in sha.js, where the hashing implementation does not perform sufficient input type validation. The .update() function accepts arbitrary objects, including those with crafted length properties, which can alter the internal state machine of the hashing process. This flaw may result in unexpected behavior such as rewinding the hash state, producing inconsistent digest outputs, or entering invalid processing loops. The issue was introduced due to the reliance on JavaScript object coercion rules rather than enforcing strict buffer or string inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sha.js: Missing type checks leading to hash rewind and passing on crafted data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was marked as Important rather then Critical because while the lack of input type checks in sha.js allows for hash state rewinding, crafted collisions, and potential denial of service, the vulnerability requires highly specific crafted input objects that are unlikely to occur in typical real-world usage, especially since most applications pass well-formed strings or buffers to hashing functions. Moreover, the cryptographic breakages described, such as nonce reuse leading to private key extraction, are indirect and depend on downstream libraries misusing sha.js for sensitive operations without additional validation layers. As a result, the flaw significantly undermines correctness and robustness of the hashing API, but its exploitability in common production systems is constrained, which could justify viewing it as an Important vulnerability rather than a Critical one.\n\n\nThe flaw requires applications to pass attacker-controlled, non-standard JavaScript objects into hash.update(). Most real-world Node.js applications and libraries already use Buffer, TypedArray, or String inputs, which are unaffected. Furthermore, Node\u2019s built-in crypto module, which is widely adopted, enforces stricter type-checking and is not impacted. As a result, the vulnerability mainly threatens projects that (a) directly depend on sha.js for cryptographically sensitive operations, and (b) hash untrusted input without type validation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9288"
},
{
"category": "external",
"summary": "RHBZ#2389980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389980"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288"
},
{
"category": "external",
"summary": "https://github.com/browserify/sha.js/pull/78",
"url": "https://github.com/browserify/sha.js/pull/78"
},
{
"category": "external",
"summary": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5",
"url": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
}
],
"release_date": "2025-08-20T21:59:44.728000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-27T15:50:11+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:14767"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:48b72d96926999336505cbf097f873dd9ccb2dec814a5db7f7ffa630dea29dc5_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:7de394929c58edb75ef46b277a25322f77f098919208eca5694c927c38c5af26_amd64",
"Red Hat Developer Hub 1.6:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:555e8b3628e6f2bad033545016f774a7bf5f01d038a2c4696982067964a56cb8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sha.js: Missing type checks leading to hash rewind and passing on crafted data"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…