Uploaded image for project: 'Red Hat Advanced Cluster Management'
  1. Red Hat Advanced Cluster Management
  2. ACM-19451

[mce-2.6] CVE-2025-22868 CVE-2025-22869 for server-foundation no tracker components

XMLWordPrintable

    • Security & Compliance
    • 0
    • False
    • Hide

      None

      Show
      None
    • False
    • SF Train-26
    • Important
    • None

      Description of problem:

       

      https://docs.google.com/spreadsheets/d/1UqwOA6KAhfS2NtMGRk6og8EuUh3up9iPxLxDKPuflGw/edit?gid=1743374624#gid=1743374624

      ocm https://github.com/stolostron/ocm/pull/290 (CVE-2025-22869) CVE-2025-22868 traced by trackers.

      klusterlet-addon-controller  https://github.com/stolostron/klusterlet-addon-controller/pull/384  CVE-2025-22869 no impact
      clusterlifecycle-state-metrics https://github.com/stolostron/clusterlifecycle-state-metrics/pull/290 
      managedcluster-import-controller https://github.com/stolostron/managedcluster-import-controller/pull/597/files 
      multicloud-manager  https://github.com/stolostron/multicloud-operators-foundation/pull/937 
      cluster-proxy  https://github.com/stolostron/cluster-proxy/pull/318 

      cluster-proxy-addon https://github.com/stolostron/cluster-proxy-addon/pull/354 
      managed-serviceaccount  https://github.com/stolostron/managed-serviceaccount/pull/264 

       

      Version-Release number of selected component (if applicable):

      How reproducible:

      Steps to Reproduce:

      1.  
      2.  
      3. ...

      Actual results:

      Expected results:

      Additional info:

              pahickey@redhat.com Patrick Hickey
              qhao@redhat.com Qing Hao
              Hui Chen Hui Chen
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: