- Issued: 2025-12-09
- Updated: 2025-12-09
RHSA-2025:22937 - Security Advisory
Synopsis
Kiali 2.4.11 for Red Hat OpenShift Service Mesh 3.0
Type/Severity
Security Advisory: Important
Topic
Kiali 2.4.11 for Red Hat OpenShift Service Mesh 3.0
Description
Kiali 2.4.11, for Red Hat OpenShift Service Mesh 3.0, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage the mesh efficiently.
Security Fix(es):
- kiali-ossmc-rhel9: node-forge ASN.1 Unbounded Recursion (CVE-2025-66031)
- kiali-rhel9: node-forge ASN.1 Unbounded Recursion (CVE-2025-66031)
- kiali-ossmc-rhel9: glob CLI: Command injection via -c/--cmd executes matches with shell:true (CVE-2025-64756)
- kiali-rhel9: glob CLI: Command injection via -c/--cmd executes matches with shell:true (CVE-2025-64756)
Solution
See Kiali 2.4.11 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0/html/observability/kiali-operator-provided-by-red-hat
Fixes
(none)
amd64
| registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:76d016722febb26186803476d1479339130eb5911299b01955e5449488910447 |
| registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e2b22107128f05f40773095ae2b01ae6c65df0539677ea0d5b8f90c7f907f98 |
arm64
| registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:9ab887b31e9d45ef89acd26b0d2bd9aeb5fc7c87d0f296d605ed9fa5d8c6a50e |
| registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:a529baf5f8aef4932058b377ded468cc291c1c04a326c8e1d6275ad0bde495a2 |
ppc64le
| registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:c012e5fdf21c90d8d504164ddec9b294c5c347df078049fcd4e20a9ebe2f76cc |
| registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:284ba4bea2d340c325d183b866efb72527d297ab6c866b7b18c9e82af43d6af3 |
s390x
| registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:8d99058fce52a3208855359c8c1d2e90b010145dac3403177791925471005a1e |
| registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:e00f3b28e62c2ac90d836d7673183b1b391b76ce1b272861e49571f345cfa6a4 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.