Medium severity 6.4 · GHSA Advisory · Published Dec 16, 2025 · Updated Apr 15, 2026
CVE-2025-14443
Description
A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service (DoS) through Server-Side Request Forgery (SSRF) due to missing IP address and network-range validation when processing user-supplied image references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/openshift/openshift-apiserver (Go) | <= 0.0.0-alpha.0.0.20260130163947-0eb84cd66658 | — |
Affected products (3)
- Range: <= 0.0.0-alpha.0.0.20260130163947-0eb84cd66658
- ghsa-coords (2 versions): pkg:golang/github.com/openshift/openshift-apiserver, pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.6
- (no CPE)
- (no CPE), range: < 0.0.20260317T205859-150000.1.152.1
References (6)
- github.com/advisories/GHSA-gxvv-45f6-3ch8 (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2025-14443 (ghsa, ADVISORY)
- access.redhat.com/security/cve/CVE-2025-14443 (nvd, WEB)
- bugzilla.redhat.com/show_bug.cgi (nvd, WEB)
- github.com/openshift/openshift-apiserver/pull/591 (ghsa, WEB)
- github.com/openshift/openshift-apiserver/pull/599 (ghsa, WEB)