VDB
RHSA-2025%3A3714
RHSA-2025%3A3714
PUBLISHED
CVSS 6 MEDIUM
A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information.
Risk Scores
CVSS 3.1
6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:0f576aede28d85a5157a400605680821d2f9bc8fa5ae0f1c88116c8b73a692f8_ppc64le as a component of cert-manager operator for Red Hat OpenShift 1.14 | * |
| Red Hat | registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a594b7ff2fa1ff1b5e6764815d792ea546901edd566e8d2ec84674b3b1248bf1_s390x as a component of cert-manager operator for Red Hat OpenShift 1.14 | registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:a594b7ff2fa1ff1b5e6764815d792ea546901edd566e8d2ec84674b3b1248bf1_s390x |
| Red Hat | registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:d2b37ee05356f9b32b677c0edecf9b942ec5102655715a067dc35279c597dd9e_amd64 as a component of cert-manager operator for Red Hat OpenShift 1.14 | * |
| Red Hat | registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:6147724b354a70fe9ddd6e255fc7307f5eed01a41a4e26f7e83aed95d640157d_amd64 as a component of cert-manager operator for Red Hat OpenShift 1.14 | * |
| Red Hat | registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:43cdb26e404d68d3b86d48fbfba0bf427ae8215fcf6abc014e3ce9fa026d2d7f_arm64 as a component of cert-manager operator for Red Hat OpenShift 1.14 | registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:43cdb26e404d68d3b86d48fbfba0bf427ae8215fcf6abc014e3ce9fa026d2d7f_arm64 |
| Red Hat | registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:383d3e03d07f5203a2f002ac6c558549f0b4a54e442332178100094fd076f5fe_arm64 as a component of cert-manager operator for Red Hat OpenShift 1.14 | * |
| Red Hat | registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:2f3ffd42acbea226e8245a27ab6f5dda831dc2d9257f7ef7d5f9c067df305605_ppc64le as a component of cert-manager operator for Red Hat OpenShift 1.14 | registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:2f3ffd42acbea226e8245a27ab6f5dda831dc2d9257f7ef7d5f9c067df305605_ppc64le |
| Red Hat | registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:cc360ce8ff69de2615e1542327f3f4938ac0934c9da610d28ea310d005692e20_s390x as a component of cert-manager operator for Red Hat OpenShift 1.14 | registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:cc360ce8ff69de2615e1542327f3f4938ac0934c9da610d28ea310d005692e20_s390x |
Timeline
- Apr 8, 2025 CVE Published
- Apr 24, 2026 CVE Updated
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2025:3714 advisory
- https://access.redhat.com/security/cve/CVE-2024-41110 advisory
- https://access.redhat.com/security/cve/CVE-2024-6104 advisory
- https://access.redhat.com/security/updates/classification/ advisory
- https://docs.openshift.com/container-platform/latest/security/cert_manager_operator/index.html advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3714.json advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2294000 issue
- https://www.cve.org/CVERecord?id=CVE-2024-6104 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-6104 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2299720 issue
- https://www.cve.org/CVERecord?id=CVE-2024-41110 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-41110 advisory
- https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 advisory
- https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 advisory
- https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 advisory
- https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b advisory
- https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 advisory
- https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 advisory
- https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 advisory
- https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f advisory
…and 4 more