Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Red Hat Trusted Application Pipeline

Source -

CNA

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2025-11065
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.01% / 1.37%
||
7 Day CHG~0.00%
Published-26 Jan, 2026 | 19:36
Updated-03 Feb, 2026 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Github.com/go-viper/mapstructure/v2: go-viper's mapstructure may leak sensitive information in logs in github.com/go-viper/mapstructure

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in security-critical contexts.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Certification for Red Hat Enterprise Linux 8Red Hat OpenShift distributed tracing 3Red Hat OpenShift GitOpsRed Hat Trusted Artifact SignerRed Hat Certification Program for Red Hat Enterprise Linux 9Red Hat OpenShift Container Platform 4Red Hat Enterprise Linux 9Red Hat Advanced Cluster Management for Kubernetes 2OpenShift PipelinesRed Hat OpenShift Dev SpacesRed Hat Trusted Application PipelineRed Hat OpenShift AI (RHOAI)Red Hat Enterprise Linux 10Red Hat Advanced Cluster Security 4Zero Trust Workload Identity Manager - Tech Preview
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CVE-2025-8556
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-3.7||LOW
EPSS-0.01% / 2.19%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 08:48
Updated-07 Nov, 2025 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Github.com/cloudflare/circl: circl-fourq: missing and wrong validation can lead to incorrect results

A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Multicluster Global HubRed Hat Enterprise Linux AI (RHEL AI)Red Hat Trusted Profile AnalyzerRed Hat Ceph Storage 8Red Hat Advanced Cluster Management for Kubernetes 2Red Hat Ceph Storage 6Builds for Red Hat OpenShiftRed Hat Advanced Cluster Security 4Red Hat Ceph Storage 5Red Hat OpenShift for Windows ContainersRed Hat OpenShift AI (RHOAI)Red Hat Trusted Application PipelineRed Hat Enterprise Linux 9OpenShift PipelinesRed Hat OpenShift GitOpsCustom Metric Autoscaler operator for Red Hat OpenshiftRed Hat Trusted Artifact SignerRed Hat Developer HubRed Hat Edge Manager previewRed Hat OpenShift Dev Workspaces OperatorRed Hat OpenShift Virtualization 4Red Hat OpenStack Platform 17.1OpenShift ServerlessRed Hat OpenShift Container Platform 4Red Hat OpenStack Platform 16.2OpenShift Service Mesh 3Red Hat Enterprise Linux 10
CWE ID-CWE-347
Improper Verification of Cryptographic Signature