Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: 1.19.0, 1.17.3, 1.18.2
Affects Version/s: 1.18.0
Component/s: Operator
Labels:
- customer-bug
- triaged

Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Description of Problem

This is regarding the Vulnerability - CVE-2025-49844 with Redis, that is used with Red Hat OpenShift GitOps.

Tech note > https://access.redhat.com/security/cve/cve-2025-49844

As per the above tech note, It seems that none of Red Hat Component is affected by this. i.e. total of 150 components from all Red Hat products stays unaffected here.

However, Customers would like to understand, If Red Hat OpenShift GitOps is affected with this ? As its using it.

Redis 6 - https://catalog.redhat.com/en/software/containers/rhel8/redis-6/6065b06cdfe097aa13042b50#packages
and
Redis 7 - https://catalog.redhat.com/en/software/containers/rhel9/redis-7/64881353e0e10aaf1cbac8b7#packages

If its affected, Customers are looking to have a fix for this and should be back-ported in above images.

It seems that a fix for the vulnerability is included in Redis 8.2.2 in upstream on October 3, 2025.

Assignee:: Anand Francis Joseph

Reporter:: Dipak Karde

Votes:: 3 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: 2025/10/10 12:10 PM

Updated:: 2025/11/18 4:40 AM

Details

Description

Description of Problem

Attachments

Easy Agile Planning Poker

Activity

People

Dates