- Issued:
- 2026-07-08
- Updated:
- 2026-07-08
RHSA-2026:36754 - Security Advisory
Synopsis
Red Hat Developer Hub 1.10.2 release.
Type/Severity
Security Advisory: Important
Topic
Red Hat Developer Hub 1.10.2 has been released.
Description
Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.
Solution
For more about Red Hat Developer Hub, see References links
Affected Products
- Red Hat Developer Hub
Fixes
- RHDHBUGS-3290 - Release-1.10.z : Orchestrator: GitHub SAML SSO token expiration causes intermittent 403 authentication failures in RHDH
- RHDHBUGS-3398 - [1.10.2] - Regression: Orchestrator Loki backend module fails validation and crashes on boot if logPipelineFilters contains brace characters { (breaks LogQL line_format expressions)
- RHDHBUGS-3286 - [release-1.10.z] MyGroups menu has black text on black background
- RHDHBUGS-3288 - Bitbucket issue mistmatch
- RHDHBUGS-3291 - [release-1.10.z] Orchestrator - Hiding an entire step in orchestrator forms
- RHDHBUGS-3293 - [release-1.10.z] Orchestrator- conditionally hidden widgets adds whitespace gaps in workflow form
CVEs
- CVE-2026-12143
- CVE-2026-12151
- CVE-2026-24781
- CVE-2026-27136
- CVE-2026-39820
- CVE-2026-42338
- CVE-2026-42499
- CVE-2026-44486
- CVE-2026-44487
- CVE-2026-44488
- CVE-2026-44492
- CVE-2026-44494
- CVE-2026-44495
- CVE-2026-44496
- CVE-2026-45736
- CVE-2026-47131
- CVE-2026-47135
- CVE-2026-47137
- CVE-2026-47139
- CVE-2026-47140
- CVE-2026-47141
- CVE-2026-47208
- CVE-2026-47210
- CVE-2026-48779
- CVE-2026-6322
- CVE-2026-6734
- CVE-2026-9277
- CVE-2026-9673
- CVE-2026-9697
References
- https://access.redhat.com/security/updates/classification/
- https://catalog.redhat.com/search?gs&searchType=containers&q=rhdh
- https://developers.redhat.com/rhdh/overview
- https://docs.redhat.com/en/documentation/red_hat_developer_hub
- https://issues.redhat.com/browse/RHDHBUGS-3286
- https://issues.redhat.com/browse/RHDHBUGS-3288
- https://issues.redhat.com/browse/RHDHBUGS-3290
- https://issues.redhat.com/browse/RHDHBUGS-3291
- https://issues.redhat.com/browse/RHDHBUGS-3293
- https://issues.redhat.com/browse/RHDHBUGS-3398
amd64
| registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:61883f5228095e3a3fd5b7daf60e29a5ffd053844f8661a2b5282a77c086dc02 |
| registry.redhat.io/rhdh/rhdh-must-gather-rhel9@sha256:aacbef97f59305a91db44c3c92c34509027b3d2a4ece07716e6fe8b217dd5ee1 |
| registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:0856143fa78dbbd74c1c068c75c265451698913608009f40600bb7c46928739b |
| registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:d4208a03e389fe82e7da2d27c491251e6d43a0b473aa80d3e6a351c77582a92a |
| registry.redhat.io/rhdh/rhdh-rag-content-rhel9@sha256:bea9305c453e377dfe6abf20076aec408efe2cbcf05f5a1c04c9b2d2f288bd65 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.