{
  "document" : {
    "aggregate_severity" : {
      "text" : "mittel"
    },
    "category" : "csaf_base",
    "csaf_version" : "2.0",
    "distribution" : {
      "tlp" : {
        "label" : "WHITE",
        "url" : "https://www.first.org/tlp/"
      }
    },
    "lang" : "de-DE",
    "notes" : [ {
      "category" : "legal_disclaimer",
      "text" : "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen."
    }, {
      "category" : "description",
      "text" : "Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.",
      "title" : "Produktbeschreibung"
    }, {
      "category" : "summary",
      "text" : "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Red Hat Developer Hub ausnutzen, um einen Denial of Service Angriff durchzuführen, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen und Daten zu manipulieren.",
      "title" : "Angriff"
    }, {
      "category" : "general",
      "text" : "- Linux",
      "title" : "Betroffene Betriebssysteme"
    } ],
    "publisher" : {
      "category" : "other",
      "contact_details" : "csaf-provider@cert-bund.de",
      "name" : "Bundesamt für Sicherheit in der Informationstechnik",
      "namespace" : "https://www.bsi.bund.de"
    },
    "references" : [ {
      "category" : "self",
      "summary" : "WID-SEC-W-2026-0105 - CSAF Version",
      "url" : "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0105.json"
    }, {
      "category" : "self",
      "summary" : "WID-SEC-2026-0105 - Portal Version",
      "url" : "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0105"
    }, {
      "category" : "external",
      "summary" : "RedHat Security Advisory vom 2026-01-13",
      "url" : "https://access.redhat.com/errata/RHSA-2026:0531"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:0761 vom 2026-01-19",
      "url" : "https://access.redhat.com/errata/RHSA-2026:0761"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:1730 vom 2026-02-02",
      "url" : "https://access.redhat.com/errata/RHSA-2026:1730"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:1942 vom 2026-02-04",
      "url" : "https://access.redhat.com/errata/RHSA-2026:1942"
    }, {
      "category" : "external",
      "summary" : "Fedora Security Advisory FEDORA-2026-A84E0AD039 vom 2026-02-05",
      "url" : "https://bodhi.fedoraproject.org/updates/FEDORA-2026-a84e0ad039"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:2147 vom 2026-02-05",
      "url" : "https://access.redhat.com/errata/RHSA-2026:2147"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:2145 vom 2026-02-05",
      "url" : "https://access.redhat.com/errata/RHSA-2026:2145"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:2078 vom 2026-02-11",
      "url" : "https://access.redhat.com/errata/RHSA-2026:2078"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:2456 vom 2026-02-10",
      "url" : "https://access.redhat.com/errata/RHSA-2026:2456"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:2500 vom 2026-02-11",
      "url" : "https://access.redhat.com/errata/RHSA-2026:2500"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:2568 vom 2026-02-11",
      "url" : "https://access.redhat.com/errata/RHSA-2026:2568"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:2762 vom 2026-02-16",
      "url" : "https://access.redhat.com/errata/RHSA-2026:2762"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:2754 vom 2026-02-16",
      "url" : "https://access.redhat.com/errata/RHSA-2026:2754"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:2672 vom 2026-02-18",
      "url" : "https://access.redhat.com/errata/RHSA-2026:2672"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:2926 vom 2026-02-18",
      "url" : "https://access.redhat.com/errata/RHSA-2026:2926"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:3710 vom 2026-03-04",
      "url" : "https://access.redhat.com/errata/RHSA-2026:3710"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:3825 vom 2026-03-05",
      "url" : "https://access.redhat.com/errata/RHSA-2026:3825"
    }, {
      "category" : "external",
      "summary" : "IBM Security Bulletin 7266733 vom 2026-03-24",
      "url" : "https://www.ibm.com/support/pages/node/7266733"
    }, {
      "category" : "external",
      "summary" : "HCL Security Bulletin",
      "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130587"
    }, {
      "category" : "external",
      "summary" : "IBM Security Bulletin 7273312 vom 2026-05-18",
      "url" : "https://www.ibm.com/support/pages/node/7273312"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:18480 vom 2026-05-19",
      "url" : "https://access.redhat.com/errata/RHSA-2026:18480"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:18868 vom 2026-05-19",
      "url" : "https://access.redhat.com/errata/RHSA-2026:18868"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:19712 vom 2026-05-21",
      "url" : "https://access.redhat.com/errata/RHSA-2026:19712"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:20042 vom 2026-05-27",
      "url" : "https://access.redhat.com/errata/RHSA-2026:20042"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:21658 vom 2026-06-03",
      "url" : "https://access.redhat.com/errata/RHSA-2026:21658"
    }, {
      "category" : "external",
      "summary" : "IBM Security Bulletin 7278339 vom 2026-06-29",
      "url" : "https://www.ibm.com/support/pages/node/7278339"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2026:33371 vom 2026-06-30",
      "url" : "https://access.redhat.com/errata/RHSA-2026:33371"
    } ],
    "source_lang" : "en-US",
    "title" : "Red Hat Developer Hub: Mehrere Schwachstellen",
    "tracking" : {
      "current_release_date" : "2026-06-29T22:00:00.000+00:00",
      "generator" : {
        "date" : "2026-06-30T09:07:20.077+00:00",
        "engine" : {
          "name" : "BSI-WID",
          "version" : "1.6.0"
        }
      },
      "id" : "WID-SEC-W-2026-0105",
      "initial_release_date" : "2026-01-13T23:00:00.000+00:00",
      "revision_history" : [ {
        "date" : "2026-01-13T23:00:00.000+00:00",
        "number" : "1",
        "summary" : "Initiale Fassung"
      }, {
        "date" : "2026-01-18T23:00:00.000+00:00",
        "number" : "2",
        "summary" : "Neue Updates von Red Hat aufgenommen"
      }, {
        "date" : "2026-01-20T23:00:00.000+00:00",
        "number" : "3",
        "summary" : "Korrektur Plattformauswahl"
      }, {
        "date" : "2026-02-02T23:00:00.000+00:00",
        "number" : "4",
        "summary" : "Neue Updates von Red Hat aufgenommen"
      }, {
        "date" : "2026-02-04T23:00:00.000+00:00",
        "number" : "5",
        "summary" : "Neue Updates von Red Hat und Fedora aufgenommen"
      }, {
        "date" : "2026-02-05T23:00:00.000+00:00",
        "number" : "6",
        "summary" : "Neue Updates von Red Hat aufgenommen"
      }, {
        "date" : "2026-02-10T23:00:00.000+00:00",
        "number" : "7",
        "summary" : "Neue Updates von Red Hat aufgenommen"
      }, {
        "date" : "2026-02-11T23:00:00.000+00:00",
        "number" : "8",
        "summary" : "Neue Updates von Red Hat aufgenommen"
      }, {
        "date" : "2026-02-16T23:00:00.000+00:00",
        "number" : "9",
        "summary" : "Neue Updates von Red Hat aufgenommen"
      }, {
        "date" : "2026-02-18T23:00:00.000+00:00",
        "number" : "10",
        "summary" : "Neue Updates von Red Hat aufgenommen"
      }, {
        "date" : "2026-03-03T23:00:00.000+00:00",
        "number" : "11",
        "summary" : "Neue Updates von Red Hat aufgenommen"
      }, {
        "date" : "2026-03-04T23:00:00.000+00:00",
        "number" : "12",
        "summary" : "Neue Updates von Red Hat aufgenommen"
      }, {
        "date" : "2026-03-24T23:00:00.000+00:00",
        "number" : "13",
        "summary" : "Neue Updates von IBM aufgenommen"
      }, {
        "date" : "2026-05-10T22:00:00.000+00:00",
        "number" : "14",
        "summary" : "Neue Updates von HCL aufgenommen"
      }, {
        "date" : "2026-05-18T22:00:00.000+00:00",
        "number" : "15",
        "summary" : "Neue Updates von IBM aufgenommen"
      }, {
        "date" : "2026-05-19T22:00:00.000+00:00",
        "number" : "16",
        "summary" : "Neue Updates von Red Hat aufgenommen"
      }, {
        "date" : "2026-05-20T22:00:00.000+00:00",
        "number" : "17",
        "summary" : "Neue Updates von Red Hat aufgenommen"
      }, {
        "date" : "2026-05-26T22:00:00.000+00:00",
        "number" : "18",
        "summary" : "Neue Updates von Red Hat aufgenommen"
      }, {
        "date" : "2026-06-04T22:00:00.000+00:00",
        "number" : "19",
        "summary" : "Neue Updates von Red Hat aufgenommen"
      }, {
        "date" : "2026-06-28T22:00:00.000+00:00",
        "number" : "20",
        "summary" : "Neue Updates von IBM aufgenommen"
      }, {
        "date" : "2026-06-29T22:00:00.000+00:00",
        "number" : "21",
        "summary" : "Neue Updates von Red Hat aufgenommen"
      } ],
      "status" : "final",
      "version" : "21"
    }
  },
  "product_tree" : {
    "branches" : [ {
      "branches" : [ {
        "category" : "product_name",
        "name" : "Fedora Linux",
        "product" : {
          "name" : "Fedora Linux",
          "product_id" : "74185",
          "product_identification_helper" : {
            "cpe" : "cpe:/o:fedoraproject:fedora:-"
          }
        }
      } ],
      "category" : "vendor",
      "name" : "Fedora"
    }, {
      "branches" : [ {
        "branches" : [ {
          "category" : "product_version",
          "name" : "WebUI",
          "product" : {
            "name" : "HCL BigFix WebUI",
            "product_id" : "T036098",
            "product_identification_helper" : {
              "cpe" : "cpe:/a:hcltech:bigfix:webui"
            }
          }
        } ],
        "category" : "product_name",
        "name" : "BigFix"
      } ],
      "category" : "vendor",
      "name" : "HCL"
    }, {
      "branches" : [ {
        "category" : "product_name",
        "name" : "IBM Business Automation Workflow",
        "product" : {
          "name" : "IBM Business Automation Workflow",
          "product_id" : "T053688",
          "product_identification_helper" : {
            "cpe" : "cpe:/a:ibm:business_automation_workflow:-"
          }
        }
      }, {
        "category" : "product_name",
        "name" : "IBM DB2",
        "product" : {
          "name" : "IBM DB2",
          "product_id" : "T048379",
          "product_identification_helper" : {
            "cpe" : "cpe:/a:ibm:db2:-"
          }
        }
      }, {
        "category" : "product_name",
        "name" : "IBM InfoSphere Information Server",
        "product" : {
          "name" : "IBM InfoSphere Information Server",
          "product_id" : "T019995",
          "product_identification_helper" : {
            "cpe" : "cpe:/a:ibm:infosphere_information_server:-"
          }
        }
      } ],
      "category" : "vendor",
      "name" : "IBM"
    }, {
      "branches" : [ {
        "branches" : [ {
          "category" : "product_name",
          "name" : "Red Hat Enterprise Linux",
          "product" : {
            "name" : "Red Hat Enterprise Linux",
            "product_id" : "67646",
            "product_identification_helper" : {
              "cpe" : "cpe:/o:redhat:enterprise_linux:-"
            }
          }
        }, {
          "category" : "product_version_range",
          "name" : "Developer Hub <1.8.2",
          "product" : {
            "name" : "Red Hat Enterprise Linux Developer Hub <1.8.2",
            "product_id" : "T049943"
          }
        }, {
          "category" : "product_version",
          "name" : "Developer Hub 1.8.2",
          "product" : {
            "name" : "Red Hat Enterprise Linux Developer Hub 1.8.2",
            "product_id" : "T049943-fixed",
            "product_identification_helper" : {
              "cpe" : "cpe:/o:redhat:enterprise_linux:developer_hub__1.8.2"
            }
          }
        } ],
        "category" : "product_name",
        "name" : "Enterprise Linux"
      }, {
        "branches" : [ {
          "category" : "product_version_range",
          "name" : "Container Platform <4.19.32",
          "product" : {
            "name" : "Red Hat OpenShift Container Platform <4.19.32",
            "product_id" : "T054748"
          }
        }, {
          "category" : "product_version",
          "name" : "Container Platform 4.19.32",
          "product" : {
            "name" : "Red Hat OpenShift Container Platform 4.19.32",
            "product_id" : "T054748-fixed",
            "product_identification_helper" : {
              "cpe" : "cpe:/a:redhat:openshift:container_platform__4.19.32"
            }
          }
        }, {
          "category" : "product_version_range",
          "name" : "Container Platform <4.18.43",
          "product" : {
            "name" : "Red Hat OpenShift Container Platform <4.18.43",
            "product_id" : "T054988"
          }
        }, {
          "category" : "product_version",
          "name" : "Container Platform 4.18.43",
          "product" : {
            "name" : "Red Hat OpenShift Container Platform 4.18.43",
            "product_id" : "T054988-fixed",
            "product_identification_helper" : {
              "cpe" : "cpe:/a:redhat:openshift:container_platform__4.18.43"
            }
          }
        } ],
        "category" : "product_name",
        "name" : "OpenShift"
      } ],
      "category" : "vendor",
      "name" : "Red Hat"
    } ]
  },
  "vulnerabilities" : [ {
    "cve" : "CVE-2025-15284",
    "product_status" : {
      "known_affected" : [ "T019995", "67646", "T054748", "T054988", "T053688", "T036098", "T049943", "74185", "T048379" ]
    },
    "release_date" : "2026-01-13T23:00:00.000+00:00",
    "title" : "CVE-2025-15284"
  }, {
    "cve" : "CVE-2025-64756",
    "product_status" : {
      "known_affected" : [ "T019995", "67646", "T054748", "T054988", "T053688", "T036098", "T049943", "74185", "T048379" ]
    },
    "release_date" : "2026-01-13T23:00:00.000+00:00",
    "title" : "CVE-2025-64756"
  }, {
    "cve" : "CVE-2025-65945",
    "product_status" : {
      "known_affected" : [ "T019995", "67646", "T054748", "T054988", "T053688", "T036098", "T049943", "74185", "T048379" ]
    },
    "release_date" : "2026-01-13T23:00:00.000+00:00",
    "title" : "CVE-2025-65945"
  } ]
}