Issued:

2025-05-28

Updated:

2025-05-28

RHSA-2025:8278 - Important: Errata Advisory for Red Hat OpenShift GitOps v1.16.1 security update

Synopsis

Important: Errata Advisory for Red Hat OpenShift GitOps v1.16.1 security update

Type/Severity

Security Advisory Important

Topic

Errata Advisory for Red Hat OpenShift GitOps v1.16.1 security update.

Description

Errata Advisory for Red Hat OpenShift GitOps v1.16.1 security release.

Security Fix(es):

• openshift-gitops-argocd-container: Improper URL Sanitization in Argo CD Repository Page Allows Cross-Site Scripting (XSS) gitops-1.16
• openshift-gitops-1/gitops-operator-bundle: Improper URL Sanitization in Argo CD Repository Page Allows Cross-Site Scripting (XSS) gitops-1.16

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

Fixes

• This content is not included.GITOPS-6721
• This content is not included.GITOPS-6759

CVEs

• CVE-2024-8176
• CVE-2024-12087
• CVE-2024-12088
• CVE-2024-12133
• CVE-2024-12243
• CVE-2024-12747
• CVE-2024-52005
• CVE-2024-56171
• CVE-2025-0395
• CVE-2025-24528
• CVE-2025-24928
• CVE-2025-26465
• CVE-2025-47933

References

• https://access.redhat.com/security/updates/classification/#important

Additional information

• The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
• Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.