(RHSA-2025:4250) Important: RHSA: Submariner 0.19.4 – bug fix and enhancement update

April 28, 2025 invoker category_cve

Vulnerability Details

Basic Information

Title (RHSA-2025:4250) Important: RHSA: Submariner 0.19.4 – bug fix and enhancement update
Type redhat
Published 2025-04-28T13:18:50
Last Seen 2025-04-28T17:22:35
CVSS Score 7.5 (HIGH)

CVSS v3 Details

Attack Vector NETWORK
Attack Complexity LOW
Privileges Required NONE
User Interaction NONE
Scope UNCHANGED
Confidentiality Impact NONE
Integrity Impact NONE
Availability Impact HIGH

CVE Information

CVE IDs CVE-2024-53259, CVE-2025-22868, CVE-2025-30204
CWE CWE-405
Bulletin Family unix

Description

Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud.

For more information about Submariner, see the Submariner open source community website at: https://submariner.io/.

This advisory contains bug fixes and enhancements to the Submariner container images.

Security fix(es):

* quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux Security (CVE-2024-53259)
* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws Security (CVE-2025-22868)
* golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing Security (CVE-2025-30204)

Impact Assessment

Base Score 7.5
Severity HIGH

View full CVE details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.