VDB
RHSA-2026%3A8433
RHSA-2026%3A8433
PUBLISHED
CVSS 8.199999809265137 HIGH
An updated OpenShift Compliance Operator image that fixes various bugs and adds new enhancements is now available for the Red Hat OpenShift Enterprise 4 catalog.
Risk Scores
CVSS 3.1
8.199999809265137
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| registry.redhat.io/compliance/openshift | ||
| OpenShift Compliance Operator 1 |
Exploit Intelligence
- gRPC-Go RBAC Authorization Policy Bypass via Missing `:path` Slash (Auth Bypass) (github-poc-repo)
- gRPC-Go RBAC Authorization Policy Bypass via Missing `:path` Slash (Auth Bypass) (github-poc-repo)
- gRPC-Go RBAC Authorization Policy Bypass via Missing `:path` Slash (Auth Bypass) (github-poc)
- gRPC-Go RBAC Authorization Policy Bypass via Missing `:path` Slash (Auth Bypass) (github-poc)
- Workaround for CVE-2025-52881: Fixes Docker/Podman breakage in Proxmox LXC containers caused by AppArmor incompatibility with runc 1.2.7+. Universal wrapper for community-scripts with automatic AppArmor configuration. (github-poc)
- Workaround for CVE-2025-52881: Fixes Docker/Podman breakage in Proxmox LXC containers caused by AppArmor incompatibility with runc 1.2.7+. Universal wrapper for community-scripts with automatic AppArmor configuration. (github-poc)
- https://access.redhat.com/security/cve/CVE-2025-61729 (circl)
- https://access.redhat.com/security/cve/CVE-2025-61726 (circl)
- https://access.redhat.com/security/cve/CVE-2025-52881 (circl)
- https://access.redhat.com/security/cve/CVE-2025-68121 (circl)
…and 72 more exploits
Timeline
- Apr 16, 2026 CVE Published
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Jun 8, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2026:8433 advisory
- https://access.redhat.com/security/cve/CVE-2025-52881 url
- https://access.redhat.com/security/cve/CVE-2025-61726 url
- https://access.redhat.com/security/cve/CVE-2025-61729 url
- https://access.redhat.com/security/cve/CVE-2025-68121 url
- https://access.redhat.com/security/cve/CVE-2026-25679 url
- https://access.redhat.com/security/cve/CVE-2026-33186 url
- https://access.redhat.com/security/cve/CVE-2026-4645 url
- https://access.redhat.com/security/updates/classification/ url
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_8433.json advisory