- Issued:
- 2025-05-19
- Updated:
- 2025-05-19
RHSA-2025:7998 - Security Advisory
Synopsis
Important: Updated Red Hat OpenShift Dev Spaces 3 container images
Type/Severity
Security Advisory: Important
Topic
Updated Red Hat OpenShift Dev Spaces 3.20 container images are now available
Description
The Red Hat OpenShift Dev Spaces 3 container images have been updated to address the following security advisory: RHSA-2025:3713 (see References)
Users of Red Hat OpenShift Dev Spaces 3 container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.
You can find images updated by this advisory in Red Hat Container Catalog (see References).
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat OpenShift Dev Spaces 3 x86_64
Fixes
- BZ - 2353871 - CVE-2024-44192 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
- BZ - 2357911 - CVE-2025-24209 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
- BZ - 2357917 - CVE-2025-24216 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
- BZ - 2357919 - CVE-2025-30427 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
CVEs
- CVE-2022-41741
- CVE-2022-41742
- CVE-2023-4752
- CVE-2023-39321
- CVE-2023-39322
- CVE-2024-0444
- CVE-2024-4453
- CVE-2024-7347
- CVE-2024-8176
- CVE-2024-8418
- CVE-2024-9355
- CVE-2024-12133
- CVE-2024-12243
- CVE-2024-24788
- CVE-2024-24790
- CVE-2024-24791
- CVE-2024-35195
- CVE-2024-44192
- CVE-2024-47541
- CVE-2024-47542
- CVE-2024-47600
- CVE-2024-47835
- CVE-2024-52005
- CVE-2024-52616
- CVE-2024-54467
- CVE-2024-54551
- CVE-2024-55549
- CVE-2024-56826
- CVE-2024-56827
- CVE-2024-58005
- CVE-2024-58007
- CVE-2024-58069
- CVE-2025-0395
- CVE-2025-0938
- CVE-2025-21587
- CVE-2025-21633
- CVE-2025-21927
- CVE-2025-21993
- CVE-2025-22869
- CVE-2025-24208
- CVE-2025-24209
- CVE-2025-24216
- CVE-2025-24528
- CVE-2025-26465
- CVE-2025-26646
- CVE-2025-27144
- CVE-2025-30427
- CVE-2025-30691
- CVE-2025-30698
- CVE-2025-32050
- CVE-2025-32052
- CVE-2025-32053
- CVE-2025-32906
- CVE-2025-32907
- CVE-2025-32911
- CVE-2025-32913
- CVE-2025-46420
- CVE-2025-46421
ppc64le
| devspaces/pluginregistry-rhel9@sha256:26982c23aeae1ec80516c5e837c157c1cbe8327420d0b05140dbca7b39112bc5 |
| devspaces/udi-base-rhel9@sha256:b794ad0c9273c941eac5314cd886036c7fb5c5c46736dee498811c30671ac490 |
| devspaces/udi-rhel9@sha256:cc3ea50e54e2c957276934876d20d0be25d7fef4d41c8693b9ca0c0a70d4ab92 |
s390x
| devspaces/pluginregistry-rhel9@sha256:e932cdd89984a74879127f6af0f6c14ef0cda80beb7782b590eca653d4d34b1e |
| devspaces/udi-base-rhel9@sha256:384f0ed8cd2c69b51b4b881fae31130353d84321cfb894c7c8ef20a21b65db49 |
| devspaces/udi-rhel9@sha256:08534bf299826c9b5572373b4418a3607ba722c1bcee2c9b208da4fc2082010b |
x86_64
| devspaces/pluginregistry-rhel9@sha256:0490a4d2b6d27d513047e7425efd22227b8971ebab2c89a39ba2c26ecccada12 |
| devspaces/udi-base-rhel9@sha256:0d7ddae5a233822061f01d08649403f1bbe1e78179f337e8820bfc10dc83895e |
| devspaces/udi-rhel9@sha256:bf863f4a19a1757641c4cd3a93bed3d2fcc821a975282bbb1c96b962546c25cb |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
