RHSA-2025:2223
Advisory lineage Upstream: 6 Downstream: 0
Published: 05 Mar 2025, 10:03
Last modified:07 May 2026, 10:04
Vulnerability Summary
Overall Risk (default)
medium
32/100 CVSS Score
8 HIGH
3.1 (osv_red_hat)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
05 Mar 2025, 10:03
Published
Vulnerability first disclosed
07 May 2026, 10:04
Last Modified
Vulnerability information updated
Description
Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update
CVSS Metrics
- v3.1•HIGH•Score: 8CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Systems
- redhat•jenkins
< 0:2.479.3.1740464431-3.el8
- redhat•jenkins-2-plugins
< 0:4.12.1740464689-1.el8
References (41)
- https://access.redhat.com/errata/RHSA-2025:2223
- https://access.redhat.com/security/updates/classification/#important
- https://bugzilla.redhat.com/show_bug.cgi?id=2316421
- https://bugzilla.redhat.com/show_bug.cgi?id=2324606
- https://bugzilla.redhat.com/show_bug.cgi?id=2326034
- https://bugzilla.redhat.com/show_bug.cgi?id=2326043
- https://bugzilla.redhat.com/show_bug.cgi?id=2326047
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2223.json
- https://access.redhat.com/security/cve/CVE-2024-45339
- https://bugzilla.redhat.com/show_bug.cgi?id=2342463
- https://www.cve.org/CVERecord?id=CVE-2024-45339
- https://nvd.nist.gov/vuln/detail/CVE-2024-45339
- https://github.com/golang/glog/pull/74
- https://github.com/golang/glog/pull/74/commits/b8741656e406e66d6992bc2c9575e460ecaa0ec2
- https://groups.google.com/g/golang-announce/c/H-Q4ouHWyKs
- https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File
- https://pkg.go.dev/vuln/GO-2025-3372
- https://access.redhat.com/security/cve/CVE-2024-47072
- https://www.cve.org/CVERecord?id=CVE-2024-47072
- https://nvd.nist.gov/vuln/detail/CVE-2024-47072
- https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266
- https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q
- https://x-stream.github.io/CVE-2024-47072.html
- https://access.redhat.com/security/cve/CVE-2024-47855
- https://www.cve.org/CVERecord?id=CVE-2024-47855
- https://nvd.nist.gov/vuln/detail/CVE-2024-47855
- https://github.com/advisories/GHSA-wwcp-26wc-3fxm
- https://github.com/kordamp/json-lib/commit/a0c4a0eae277130e22979cf307c95dec4005a78e
- https://github.com/kordamp/json-lib/compare/v3.0.3...v3.1.0
- https://access.redhat.com/security/cve/CVE-2024-52549
- https://www.cve.org/CVERecord?id=CVE-2024-52549
- https://nvd.nist.gov/vuln/detail/CVE-2024-52549
- https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3447
- https://access.redhat.com/security/cve/CVE-2024-52550
- https://www.cve.org/CVERecord?id=CVE-2024-52550
- https://nvd.nist.gov/vuln/detail/CVE-2024-52550
- https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3362
- https://access.redhat.com/security/cve/CVE-2024-52551
- https://www.cve.org/CVERecord?id=CVE-2024-52551
- https://nvd.nist.gov/vuln/detail/CVE-2024-52551
- https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3361