RHSA-2023%3A4286
Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.7.1 release is based on Eclipse Che 7.67. Dev Spaces releases support the latest two OpenShift 4 EUS releases. Users are expected to update to newer OpenShift releases in order to continue to get Dev Spaces updates. https://access.redhat.com/support/policy/updates/openshift#crw Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| devspaces/devspaces | ||
| devspaces/traefik | ||
| devspaces/devfileregistry | ||
| devspaces/dashboard | ||
| Red Hat OpenShift Dev Spaces 3 | ||
| devspaces/code | ||
| devspaces/machineexec | ||
| devspaces/imagepuller | ||
| devspaces/server | ||
| devspaces/pluginregistry | ||
| devspaces/udi | ||
| devspaces/idea | ||
| devspaces/configbump |
Timeline
- Jul 26, 2023 CVE Published
- Dec 1, 2024 CVE Updated
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2023:4286 advisory
- https://access.redhat.com/security/updates/classification/#moderate url
- https://access.redhat.com/security/vulnerabilities/RHSB-2023-001 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2212085 url
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4286.json advisory