Red hat openshift dev spaces
This hub aggregates every CVE we track for Red hat openshift dev spaces, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
Operating Systemson-prem
31
CVEs tracked
2
Critical
16
High
0
In CISA KEV
Severity distribution
HIGH16MEDIUM13CRITICAL2
Monthly trend
0
0
1
4
1
1
2
1
0
0
0
0
0
0
0
0
0
1
3
1
0
1
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Red hat openshift dev spaces.
- CVE-2026-33810Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x5098.2
- CVE-2026-26960node-tar has Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in Extraction7.1
- CVE-2025-14969Hibernate-reactive-core: hibernate reactive: denial of service due to connection leak on http client disconnect4.3
- CVE-2025-11065Github.com/go-viper/mapstructure/v2: go-viper's mapstructure may leak sensitive information in logs in github.com/go-viper/mapstructure5.3
- CVE-2026-0603Org.hibernate/hibernate-core: hibernate: information disclosure and data deletion via second-order sql injection8.3
- CVE-2025-57850Codeready-ws: privilege escalation via excessive /etc/passwd permissions5.2
- CVE-2024-11831Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript5.4
- CVE-2025-21614go-git clients vulnerable to DoS via maliciously crafted Git server replies7.5
- CVE-2025-21613go-git has an Argument Injection via the URL field9.8
- CVE-2024-53259quic-go affected by an ICMP Packet Too Large Injection Attack on Linux6.5
- CVE-2024-53899virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the sa...7.8
- CVE-2024-10086Consul Vulnerable To Reflected XSS On Content-Type Error Manipulation6.1
- CVE-2024-10006Consul L7 Intentions Vulnerable To Headers Bypass8.3
- CVE-2024-10005Consul L7 Intentions Vulnerable To URL Path Bypass8.1
- CVE-2024-9355Golang-fips: golang fips zeroed buffer6.5
Product normalization is registry-driven with AI assist and human review. How it works