{"id":"RHSA-2025:2223","summary":"Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update","modified":"2026-04-02T10:13:35Z","published":"2025-03-05T10:03:13Z","related":["GO-2025-3372"],"upstream":["CVE-2024-45339","CVE-2024-47072","CVE-2024-47855","CVE-2024-52549","CVE-2024-52550","CVE-2024-52551"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:2223"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2316421"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324606"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2326034"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2326043"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2326047"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2223.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-45339"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2342463"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-45339"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45339"},{"type":"ARTICLE","url":"https://github.com/golang/glog/pull/74"},{"type":"ARTICLE","url":"https://github.com/golang/glog/pull/74/commits/b8741656e406e66d6992bc2c9575e460ecaa0ec2"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/H-Q4ouHWyKs"},{"type":"ARTICLE","url":"https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2025-3372"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-47072"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-47072"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47072"},{"type":"ARTICLE","url":"https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266"},{"type":"ARTICLE","url":"https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q"},{"type":"ARTICLE","url":"https://x-stream.github.io/CVE-2024-47072.html"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-47855"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-47855"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47855"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-wwcp-26wc-3fxm"},{"type":"ARTICLE","url":"https://github.com/kordamp/json-lib/commit/a0c4a0eae277130e22979cf307c95dec4005a78e"},{"type":"ARTICLE","url":"https://github.com/kordamp/json-lib/compare/v3.0.3...v3.1.0"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-52549"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-52549"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52549"},{"type":"ARTICLE","url":"https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3447"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-52550"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-52550"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52550"},{"type":"ARTICLE","url":"https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3362"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-52551"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-52551"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52551"},{"type":"ARTICLE","url":"https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3361"}],"affected":[{"package":{"name":"jenkins","ecosystem":"Red Hat:ocp_tools:4.12::el8","purl":"pkg:rpm/redhat/jenkins"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.479.3.1740464431-3.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:2223.json"}},{"package":{"name":"jenkins-2-plugins","ecosystem":"Red Hat:ocp_tools:4.12::el8","purl":"pkg:rpm/redhat/jenkins-2-plugins"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.12.1740464689-1.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:2223.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}]}