1. HYCU Support
  2. Security Advisories
  3. Security Updates

HYCU 5.2.0-4695 security updates

Updated

Latest R-Cloud Hybrid Cloud edition download

HYCU version 5.2.0

This release contains fixes for the following vulnerabilities:

  • RHSA-2025:10618:
    • CVE-2024-23337: jq: jq has signed integer overflow in jv.c:jvp_array_write
    • CVE-2025-48060: jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)
  • RHSA-2025:10698:
    • CVE-2025-6021: libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2
    • CVE-2025-49794: libxml: Heap use after free (UAF) leads to Denial of service (DoS)
    • CVE-2025-49796: libxml: Type confusion leads to Denial of service (DoS)
  • RHSA-2025:10862:
    • CVE-2025-30749: openjdk: Better Glyph drawing (Oracle CPU 2025-07)
    • CVE-2025-30754: openjdk: Enhance TLS protocol support (Oracle CPU 2025-07)
    • CVE-2025-30761: openjdk: Improve scripting supports (Oracle CPU 2025-07)
    • CVE-2025-50106: openjdk: Glyph out-of-memory access and crash (Oracle CPU 2025-07)
  • RHSA-2025:10991:
    • CVE-2024-28956: microcode_ctl: From CVEorg collector
    • CVE-2024-43420: microcode_ctl: Exposure of sensitive information
    • CVE-2024-45332: microcode_ctl: Exposure of sensitive information
    • CVE-2025-20012: microcode_ctl: From CVEorg collector
    • CVE-2025-20623: microcode_ctl: Exposure of sensitive information
    • CVE-2025-24495: microcode_ctl: From CVEorg collector
  • RHSA-2025:11035:
    • CVE-2019-17543: lz4: heap-based buffer overflow in LZ4_write32
  • RHSA-2025:11036:
    • CVE-2025-47273: setuptools: Path Traversal Vulnerability in setuptools PackageIndex
  • RHSA-2025:11324:
    • CVE-2024-6174: cloud-init: Cloud init permissions flaw
  • RHSA-2025:11327:
    • CVE-2024-34397: glib2: Signal subscription vulnerabilities
    • CVE-2024-52533: glib: buffer overflow in set_connect_msg()
    • CVE-2025-4373: glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar
  • RHSA-2025:11805:
    • CVE-2025-40909: perl: Perl threads have a working directory race condition where file operations may target unintended paths
  • RHSA-2025:11884:
    • CVE-2025-5994: unbound: Unbound Cache poisoning
  • RHSA-2025:12010:
    • CVE-2025-6965: sqlite: Integer Truncation in SQLite
  • RHSA-2025:12450:
    • CVE-2025-7425: libxslt: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
  • RHSA-2025:12980:
    • CVE-2025-8058: glibc: Double free in glibc
  • RHSA-2025:13203:
    • CVE-2025-32415: libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables
  • RHSA-2025:13234:
    • CVE-2024-47081: requests: Requests vulnerable to .netrc credentials leak via malicious URLs
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section

See more