VDB
RHSA-2025%3A1704
RHSA-2025%3A1704
PUBLISHED
CVSS 8.100000381469727 HIGH
An argument injection vulnerability was found in go-git. This flaw allows an attacker to set arbitrary values to git-upload-pack flags, leading to command or code execution, exposure of sensitive data, or other unintended behavior. This is only possible in configurations where the file transport protocol is being used.
Risk Scores
CVSS 3.1
8.100000381469727
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/sriov-network-metrics-exporter-rhel9@sha256:e4858e291d7ad535f4aab83f314b0ab19d875c66fe87fb3538de7571542c4807_ppc64le as a component of Red Hat OpenShift Container Platform 4.16 | * |
| Red Hat | openshift4/ose-csi-driver-shared-resource-mustgather-rhel9@sha256:87c9ec8b5274b20529c0b0e5871039259a1e6cd1d407c23975defd524ebb59a7_s390x as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/ose-csi-driver-shared-resource-mustgather-rhel9@sha256:87c9ec8b5274b20529c0b0e5871039259a1e6cd1d407c23975defd524ebb59a7_s390x |
| Red Hat | openshift4/kubernetes-nmstate-rhel9-operator@sha256:ec64a214adab3ab56bc4715eabc08cf126233581af89b6aae42efa6c6bd5a77c_ppc64le as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/kubernetes-nmstate-rhel9-operator@sha256:ec64a214adab3ab56bc4715eabc08cf126233581af89b6aae42efa6c6bd5a77c_ppc64le |
| Red Hat | openshift4/ptp-must-gather-rhel9@sha256:3c14f7b2d873e71f87e811f97f4ab13699225f7c93044bbb05aafabfd416738b_amd64 as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/ptp-must-gather-rhel9@sha256:3c14f7b2d873e71f87e811f97f4ab13699225f7c93044bbb05aafabfd416738b_amd64 |
| Red Hat | openshift4/ose-operator-sdk-rhel9@sha256:eeb1d99595529613cb094b8314fe28cf61692c6b2c670a05f9d2bc2b0e7db7ee_arm64 as a component of Red Hat OpenShift Container Platform 4.16 | * |
| Red Hat | openshift4/sriov-network-metrics-exporter-rhel9@sha256:be270a7728e5521da321031734c186f415fa8e9d51d692e8cae7df3e0e2f6919_amd64 as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/sriov-network-metrics-exporter-rhel9@sha256:be270a7728e5521da321031734c186f415fa8e9d51d692e8cae7df3e0e2f6919_amd64 |
| Red Hat | openshift4/kubernetes-nmstate-rhel9-operator@sha256:4decb51af068d99b41641772ae0c7c8f68d6778208188349dda869380798904c_amd64 as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/kubernetes-nmstate-rhel9-operator@sha256:4decb51af068d99b41641772ae0c7c8f68d6778208188349dda869380798904c_amd64 |
| Red Hat | openshift4/ose-sriov-network-rhel9-operator@sha256:fec3d8df59d26d462be75e2fbc59888dfdb15fa6819bd39a6642d4356ad09d82_amd64 as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/ose-sriov-network-rhel9-operator@sha256:fec3d8df59d26d462be75e2fbc59888dfdb15fa6819bd39a6642d4356ad09d82_amd64 |
| Red Hat | openshift4/ose-kubernetes-nmstate-handler-rhel9@sha256:2d6d320242a0f7ec5b8ee1451e3539122d54f6f7def159baa342c9dee169303f_amd64 as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/ose-kubernetes-nmstate-handler-rhel9@sha256:2d6d320242a0f7ec5b8ee1451e3539122d54f6f7def159baa342c9dee169303f_amd64 |
| Red Hat | openshift4/ose-sriov-network-rhel9-operator@sha256:4b3d4389aac7a0aa4fb350579f78bf1f8b07bc4c0fe846f9b1e27b0abed6aae2_arm64 as a component of Red Hat OpenShift Container Platform 4.16 | * |
| Red Hat | openshift4/nmstate-console-plugin-rhel9@sha256:c0e47eb928f6c654311d01b6d5da68adc37107121803285e09765bb06425b915_arm64 as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/nmstate-console-plugin-rhel9@sha256:c0e47eb928f6c654311d01b6d5da68adc37107121803285e09765bb06425b915_arm64 |
| Red Hat | openshift4/ose-kubernetes-nmstate-handler-rhel9@sha256:c9d29ddc6decd6358c7935eb1fcf8a920db2e04bdc6ebe30d09b7db83519a69e_ppc64le as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/ose-kubernetes-nmstate-handler-rhel9@sha256:c9d29ddc6decd6358c7935eb1fcf8a920db2e04bdc6ebe30d09b7db83519a69e_ppc64le |
| Red Hat | openshift4/ose-operator-sdk-rhel9@sha256:a37bc2569541975dc85b91b0426a2a157b3c1f390c76ea79b11a1437344b1c9e_ppc64le as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/ose-operator-sdk-rhel9@sha256:a37bc2569541975dc85b91b0426a2a157b3c1f390c76ea79b11a1437344b1c9e_ppc64le |
| Red Hat | openshift4/ose-csi-driver-shared-resource-mustgather-rhel9@sha256:7662039b328d514fe1e03bd241f0a24d256f752e2a5f26dde75f29df4c10b686_arm64 as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/ose-csi-driver-shared-resource-mustgather-rhel9@sha256:7662039b328d514fe1e03bd241f0a24d256f752e2a5f26dde75f29df4c10b686_arm64 |
| Red Hat | openshift4/ose-helm-rhel9-operator@sha256:d469976c1a96d26c42baf02391bcac3994cac27955a10b4753b13e22b2ef4617_s390x as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/ose-helm-rhel9-operator@sha256:d469976c1a96d26c42baf02391bcac3994cac27955a10b4753b13e22b2ef4617_s390x |
| Red Hat | openshift4/ose-sriov-network-metrics-exporter-rhel9@sha256:e4858e291d7ad535f4aab83f314b0ab19d875c66fe87fb3538de7571542c4807_ppc64le as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/ose-sriov-network-metrics-exporter-rhel9@sha256:e4858e291d7ad535f4aab83f314b0ab19d875c66fe87fb3538de7571542c4807_ppc64le |
| Red Hat | openshift4/sriov-network-metrics-exporter-rhel9@sha256:69d8ba95cb2698724dc5be762e9403ce82662cd4f65d9ed824592e8b26ce44ae_arm64 as a component of Red Hat OpenShift Container Platform 4.16 | * |
| Red Hat | openshift4/ose-operator-sdk-rhel9@sha256:bc2469da8833eec1f137ae8203e17be1cded1ff746da08b78d76037c99979647_amd64 as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/ose-operator-sdk-rhel9@sha256:bc2469da8833eec1f137ae8203e17be1cded1ff746da08b78d76037c99979647_amd64 |
| Red Hat | openshift4/ose-csi-driver-shared-resource-mustgather-rhel9@sha256:4f2c25fd49437dbbe01c064343441b7a1940bf6e42b434f5cf72f573c75435fa_ppc64le as a component of Red Hat OpenShift Container Platform 4.16 | * |
| Red Hat | openshift4/nmstate-console-plugin-rhel9@sha256:0876977b02c66c9c436e1b709ef0890eb37ba6000cc66b359bc43a82f9c9326d_amd64 as a component of Red Hat OpenShift Container Platform 4.16 | openshift4/nmstate-console-plugin-rhel9@sha256:0876977b02c66c9c436e1b709ef0890eb37ba6000cc66b359bc43a82f9c9326d_amd64 |
…and 16 more
Timeline
- Feb 27, 2025 CVE Published
- Apr 29, 2026 CVE Updated
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
References
- https://pkg.go.dev/vuln/GO-2025-3367 advisory
- https://access.redhat.com/errata/RHSA-2025:1704 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2335888 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2335901 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1704.json advisory
- https://access.redhat.com/security/cve/CVE-2025-21613 advisory
- https://www.cve.org/CVERecord?id=CVE-2025-21613 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-21613 advisory
- https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m advisory
- https://pkg.go.dev/vuln/GO-2025-3368 advisory
- https://access.redhat.com/security/cve/CVE-2025-21614 advisory
- https://www.cve.org/CVERecord?id=CVE-2025-21614 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-21614 advisory
- https://github.com/go-git/go-git/security/advisories/GHSA-r9px-m959-cxf4 advisory