{"id":"RHSA-2025:2218","summary":"Red Hat Security Advisory: Red Hat Product OCP Tools 4.17 Openshift Jenkins security update","modified":"2026-04-02T10:13:30Z","published":"2025-03-05T10:03:11Z","upstream":["CVE-2024-47072","CVE-2024-47855","CVE-2024-52549","CVE-2024-52550","CVE-2024-52551"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:2218"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2316421"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324606"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2326034"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2326043"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2326047"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2218.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-47072"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-47072"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47072"},{"type":"ARTICLE","url":"https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266"},{"type":"ARTICLE","url":"https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q"},{"type":"ARTICLE","url":"https://x-stream.github.io/CVE-2024-47072.html"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-47855"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-47855"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47855"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-wwcp-26wc-3fxm"},{"type":"ARTICLE","url":"https://github.com/kordamp/json-lib/commit/a0c4a0eae277130e22979cf307c95dec4005a78e"},{"type":"ARTICLE","url":"https://github.com/kordamp/json-lib/compare/v3.0.3...v3.1.0"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-52549"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-52549"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52549"},{"type":"ARTICLE","url":"https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3447"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-52550"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-52550"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52550"},{"type":"ARTICLE","url":"https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3362"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-52551"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2024-52551"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52551"},{"type":"ARTICLE","url":"https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3361"}],"affected":[{"package":{"name":"jenkins","ecosystem":"Red Hat:ocp_tools:4.17::el9","purl":"pkg:rpm/redhat/jenkins"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.479.3.1739859586-3.el9"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:2218.json"}},{"package":{"name":"jenkins-2-plugins","ecosystem":"Red Hat:ocp_tools:4.17::el9","purl":"pkg:rpm/redhat/jenkins-2-plugins"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.17.1739859908-1.el9"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2025:2218.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}]}