Red Hat Openshift Compliance Operator
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Red Hat Openshift Compliance Operator.
Recent Red Hat Openshift Compliance Operator Security Advisories
| Advisory | Title | Published |
|---|---|---|
| RHSA-2026:1859 | (RHSA-2026:1859) OpenShift Compliance Operator bug fix and enhancement update | February 3, 2026 |
| RHSA-2026:0737 | (RHSA-2026:0737) OpenShift Compliance Operator bug fix and enhancement update | January 15, 2026 |
| RHSA-2025:21885 | (RHSA-2025:21885) OpenShift Compliance Operator bug fix and enhancement update | November 20, 2025 |
By the Year
In 2026 there have been 0 vulnerabilities in Red Hat Openshift Compliance Operator. Last year, in 2025 Openshift Compliance Operator had 6 security vulnerabilities published. Right now, Openshift Compliance Operator is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 6 | 7.32 |
It may take a day or so for new Openshift Compliance Operator vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Openshift Compliance Operator Security Vulnerabilities
Linux-PAM pam_namespace LPE via Symlink Race
CVE-2025-8941
7.8 - High
- August 13, 2025
A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.
Directory traversal
Operator SDK <0.15.2 RCE via insecure user_setup /etc/passwd
CVE-2025-7195
5.2 - Medium
- August 07, 2025
Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.15.2 to scaffold their operator may still be impacted by this if the insecure user_setup script is still being used to build new container images. In affected images, the /etc/passwd file is created during build time with group-writable permissions and a group ownership of root (gid=0). An attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.
Incorrect Default Permissions
libxslt Heap Corruption via atype Flag Manipulation
CVE-2025-7425
7.8 - High
- July 10, 2025
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.
Dangling pointer
PAM Namespace Race: Local Priv Escal via Symlinks in linux-pam
CVE-2025-6020
7.8 - High
- June 17, 2025
A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.
Directory traversal
Integer Overflow in libarchive RAR Reader Causes Double-Free
CVE-2025-5914
7.8 - High
- June 09, 2025
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
Integer Overflow or Wraparound
Rsync: Checksum Length Manipulation Enables Stack Data Leak
CVE-2024-12085
7.5 - High
- January 14, 2025
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
Use of Uninitialized Resource
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Openshift Compliance Operator or by Red Hat? Click the Watch button to subscribe.
