Medium severity 6.4 · GHSA Advisory · Published Dec 16, 2025 · Updated Apr 15, 2026
CVE-2025-14443
Description
A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service (DoS) through Server-Side Request Forgery (SSRF) due to missing IP address and network-range validation when processing user-supplied image references.
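The kind of IP address and network-range validation the description refers to, as an added Go example (not code from openshift-apiserver or its pull requests). The function names, the injected resolver, the docker.io default and the sample hosts are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// registryHost returns the registry host of an image reference without its port.
// References with no registry component fall back to docker.io (assumed default).
func registryHost(ref string) string {
	first, _, found := strings.Cut(ref, "/")
	if !found || (!strings.ContainsAny(first, ".:") && first != "localhost") {
		return "docker.io"
	}
	if h, _, err := net.SplitHostPort(first); err == nil {
		return h
	}
	return strings.Trim(first, "[]") // bare host or bracketed IPv6 literal
}

// CheckImageRef rejects a reference whose registry host is, or resolves to, an
// internal address. resolve is injected so the check can be exercised offline.
func CheckImageRef(ref string, resolve func(string) ([]net.IP, error)) error {
	host := registryHost(ref)
	ips := []net.IP{net.ParseIP(host)}
	if ips[0] == nil { // not an IP literal: resolve it, and fail closed on errors
		var err error
		if ips, err = resolve(host); err != nil || len(ips) == 0 {
			return fmt.Errorf("cannot resolve registry host %q", host)
		}
	}
	for _, ip := range ips {
		if ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() ||
			ip.IsLinkLocalMulticast() || ip.IsMulticast() || ip.IsUnspecified() {
			return fmt.Errorf("image reference %q targets internal address %s", ref, ip)
		}
	}
	return nil
}

// stubResolve stands in for DNS with constructed sample data.
func stubResolve(host string) ([]net.IP, error) {
	if host == "metadata.internal.example" {
		return []net.IP{net.ParseIP("169.254.169.254")}, nil
	}
	return []net.IP{net.ParseIP("203.0.113.10")}, nil
}

func main() { fmt.Println(CheckImageRef("10.0.0.5:8080/ns/img:tag", stubResolve)) }
```

A check like this only holds if the connection is then made to the addresses that were validated; resolving the host again at dial time reopens the gap.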
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/openshift/openshift-apiserver (Go) | <= 0.0.0-alpha.0.0.20260130163947-0eb84cd66658 | — |
Affected products
- Range: <= 0.0.0-alpha.0.0.20260130163947-0eb84cd66658
Patches
No patches discovered yet.
References
- github.com/advisories/GHSA-gxvv-45f6-3ch8 (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2025-14443 (ghsa, ADVISORY)
- access.redhat.com/security/cve/CVE-2025-14443 (nvd, WEB)
- bugzilla.redhat.com/show_bug.cgi (nvd, WEB)
- github.com/openshift/openshift-apiserver/pull/591 (ghsa, WEB)
- github.com/openshift/openshift-apiserver/pull/599 (ghsa, WEB)