SB2026021731 - Two vulnerabilities in cert-manager Operator for Red Hat OpenShift 1.18

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Improper certificate validation (CVE-ID: CVE-2025-61727)

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists in crypto/x509 due to incorrect handling of wildcard SANs in the leaf certificate when processing excluded constraint in a certificate chain. A remote attacker can create a specially crafted certificate and bypass implemented domain restrictions and perform MitM or phishing attacks.

2) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2025-66418)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to missing limits on the number of links in the decompression chain when handling gzip or zstd data in the server response. A malicious server can send a response with a large amount of links and cause high CPU load, leading to a denial of service condition. 

Remediation

Install update from vendor's website.

References

• https://access.redhat.com/errata/RHSA-2026:0990
• https://access.redhat.com/errata/RHSA-2026:1042