VYPR
Medium severity6.4GHSA Advisory· Published Dec 16, 2025· Updated Apr 15, 2026

CVE-2025-14443

CVE-2025-14443

Description

A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service (DoS) through Server-Side Request Forgery (SSRF) due to missing IP address and network-range validation when processing user-supplied image references.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/openshift/openshift-apiserverGo
<= 0.0.0-alpha.0.0.20260130163947-0eb84cd66658

Affected products

3

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.