VYPR

Openshift Update Service

by Red Hat

CVEs (4)

  • CVE-2025-10725CriSep 30, 2025
    risk 0.57cvss 9.9epss 0.01

    A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authenticated account, for example as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster administrator. This allows for the complete…

  • CVE-2025-57854MedApr 8, 2026
    risk 0.42cvss 6.4epss 0.00

    A container privilege escalation flaw was found in certain OpenShift Update Service (OSUS) images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an…

  • CVE-2025-12103MedOct 28, 2025
    risk 0.33cvss 5.0epss 0.00

    A flaw was found in Red Hat Openshift AI Service. The TrustyAI component is granting all service accounts and users on a cluster permissions to get, list, watch any pod in any namespace on the cluster. TrustyAI is creating a role `trustyai-service-operator-lmeval-user-role`…

  • CVE-2025-0754MedJan 28, 2025
    risk 0.28cvss 4.3epss 0.00

    The vulnerability was found in OpenShift Service Mesh 2.6.3 and 2.5.6. This issue occurs due to improper sanitization of HTTP headers by Envoy, particularly the x-forwarded-for header. This lack of sanitization can allow attackers to inject malicious payloads into service mesh…