- Issued: 2025-12-01
- Updated: 2025-12-01
RHBA-2025:22465 - Bug Fix Advisory
Synopsis
Update the JWS Operator for OpenShift to fix an expat CVE
Type/Severity
Bug Fix Advisory
Topic
The JBoss Web Server (JWS) Operator for OpenShift has been updated to provide fixes for an expat CVE.
Description
This erratum covers updates to the JWS Operator for OpenShift to fix the following expat CVE:
- expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64
Fixes
- BZ - 2395108 - CVE-2025-59375 expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing
CVEs
- CVE-2025-59375
ppc64le
| jboss-webserver-5/jws5-operator-bundle@sha256:dd9138b3fc39d009ddf429b29de814e48936584d98ecaccfd5a63ac113be3406 |
| jboss-webserver-5/jws5-rhel8-operator@sha256:81bd95a4cd520982761885a8f10472c47f142e7fcf1877616837d60e8ddb62cd |
s390x
| jboss-webserver-5/jws5-operator-bundle@sha256:432a466fecbb8e94b0ff0910c5020948e34fd8a2aa9c0e20e8e56e779a222f92 |
| jboss-webserver-5/jws5-rhel8-operator@sha256:c2ef53c5820f19a98230d72326568b4eed8a9f92936f36b386c8707a73c8035a |
x86_64
| jboss-webserver-5/jws5-operator-bundle@sha256:bbd477f0b3ea615bb0342a11656be719c61e1f9bccb3235e071d8590944334dd |
| jboss-webserver-5/jws5-rhel8-operator@sha256:428177bbeafc635aeeb1ac7476a4bb99e68ad35449f3f2216f346f9714bb0194 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.