Issued:: 2025-12-02
Updated:: 2025-12-02

RHSA-2025:22652 - Security Advisory

Overview
Updated Images

Synopsis

Red Hat OpenShift Dev Spaces 3.23.1 Release.

Type/Severity

Security Advisory: Important

Topic

Red Hat OpenShift Dev Spaces 3.23.1 has been released.

Description

This release addresses CVE-2025-12548 'Eclipse Che — unauthenticated RCE and secret exfiltration via TCP/3333'.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258

Fixes

(none)

CVEs

CVE-2025-12548

References

amd64

registry.redhat.io/devspaces/code-rhel9@sha256:a6fe7e233fa23e1fff9c74c5d4cbe800534561131b5be59533e88ede24452e3a

registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:48c3048fafcdcf5d50fb5a5760e21b9fe062ec791c6ca9f288a9bcc556677f25

s390x

registry.redhat.io/devspaces/code-rhel9@sha256:4b9159902333a82353bf91823c092e9e2508b17b92e8c6fe0295b5a6609f25f3

ppc64le

registry.redhat.io/devspaces/code-rhel9@sha256:83bdc106e7049b40977f8407a1b305be91afdd555a08ab097e448205c9f24eac

arm64

registry.redhat.io/devspaces/code-rhel9@sha256:530cc2d4545285c5049faa1d379d57c1f0b00f34ec962fae78778893a7fdab50

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation