{"id":9156,"date":"2026-07-10T16:35:35","date_gmt":"2026-07-10T16:35:35","guid":{"rendered":"https:\/\/locaterisk.com\/de\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/"},"modified":"2026-07-10T16:35:35","modified_gmt":"2026-07-10T16:35:35","slug":"red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143","status":"publish","type":"post","link":"https:\/\/locaterisk.com\/fr\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/","title":{"rendered":"Red Hat OpenShift AI : plusieurs failles de s\u00e9curit\u00e9 critiques (CVE-2026-15378, CVE-2026-15143)"},"content":{"rendered":"<div class=\"wp-block-lr-blog-article-header-module\">\r\n    <div class=\"content\">\r\n\t\t<div class=\"headline\">\r\n\t\t\t<button class=\"to-blog-button\">Retour au blog                <a href=\"https:\/\/locaterisk.com\/fr\/blog\/\"><\/a>\r\n\t\t\t<\/button>\r\n\t\t\t\t\t<\/div>\r\n        <div class=\"main-content\">\r\n\t\t\t\t\t\t<!--\r\n            <div class=\"header\">\r\n                <h6> <\/h6>\r\n            <\/div>\r\n\t\t\t\t\t\t-->\r\n            <h1 class=\"title\">Red Hat OpenShift AI : plusieurs failles de s\u00e9curit\u00e9 critiques (CVE-2026-15378, CVE-2026-15143)<\/h1>\r\n            <p class=\"paragraph\"><br><span class=\"lr-ai-disclosure\" style=\"display:block;margin:8px 0 28px;font-size:14px;line-height:1.4;color:#8b93a7;font-family:inherit;font-style:italic;\">Ce texte a \u00e9t\u00e9 g\u00e9n\u00e9r\u00e9 par l'intelligence artificielle (IA).<\/span><strong>Mise \u00e0 jour du 10 juillet 2026 :<\/strong> Par ailleurs, la vuln\u00e9rabilit\u00e9 CVE-2026-15143 (CVSS 9,3) a \u00e9t\u00e9 signal\u00e9e. Cette autre vuln\u00e9rabilit\u00e9 de type \u00ab Blind SSRF \u00bb affecte \u00e9galement la <strong>d\u00e9tecteurs de glissi\u00e8res de s\u00e9curit\u00e9<\/strong>- et permet aux pirates d'acc\u00e9der via le <strong>type_de_fichier<\/strong>- D\u00e9tection des acc\u00e8s non autoris\u00e9s aux syst\u00e8mes internes. Voir ci-dessous pour plus de d\u00e9tails.<br><br>Le 10 juillet 2026, deux vuln\u00e9rabilit\u00e9s critiques ont \u00e9t\u00e9 d\u00e9couvertes dans le composant <strong>d\u00e9tecteurs de glissi\u00e8res de s\u00e9curit\u00e9<\/strong> de <strong>Red Hat OpenShift AI<\/strong> publi\u00e9es. Ces failles ont chacune un score CVSS de <strong>9,3 (Critique)<\/strong> ont \u00e9t\u00e9 \u00e9valu\u00e9es et permettent \u00e0 un attaquant distant non authentifi\u00e9 d'acc\u00e9der \u00e0 des syst\u00e8mes et donn\u00e9es internes sensibles par le biais d'une attaque de type \u00ab Server-Side Request Forgery \u00bb (SSRF). \u00c0 ce jour (10 juillet 2026), rien n'indique que ces vuln\u00e9rabilit\u00e9s soient activement exploit\u00e9es dans la nature.<\/p>\r\n        <\/div>\r\n    <\/div>\r\n<\/div>\r\n\r\n\r\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"400\" height=\"400\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/initial-access-vector.png\" alt=\"Red Hat OpenShift AI: mehrere kritische Sicherheitsl\u00fccken (CVE-2026-15378, CVE-2026-15143)\" class=\"wp-image-9141\" srcset=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/initial-access-vector.png 400w, https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/initial-access-vector-300x300.png 300w, https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/initial-access-vector-150x150.png 150w, https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/initial-access-vector-12x12.png 12w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><\/figure><\/div>\n\n\n<h2 class=\"wp-block-heading\"><strong>Aper\u00e7u des faits<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>CVE-2026-15378 :<\/strong> SSRF aveugle via une d\u00e9finition de sch\u00e9ma XML (XSD) sp\u00e9cialement con\u00e7ue<\/li>\n\n\n\n<li><strong>CVE-2026-15143 :<\/strong> SSRF aveugle via le <strong>type_de_fichier<\/strong>-D\u00e9tecteur utilisant un XSD quelconque<\/li>\n\n\n\n<li><strong>Score CVSS :<\/strong> 9,3 (critique) dans chaque cas<\/li>\n\n\n\n<li><strong>Composant concern\u00e9 :<\/strong> <strong>d\u00e9tecteurs de glissi\u00e8res de s\u00e9curit\u00e9<\/strong> dans Red Hat OpenShift AI<\/li>\n\n\n\n<li><strong>Vecteur d'attaque :<\/strong> R\u00e9seau (AV:N), aucune authentification requise (PR:N)<\/li>\n\n\n\n<li><strong>\u00c9tat du correctif :<\/strong> \u00c0 la date de publication (10 juillet 2026), aucune version corrig\u00e9e sp\u00e9cifique n'est encore connue pour ces deux CVE.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>D\u00e9tails techniques concernant CVE-2026-15378<\/strong><\/h2>\n\n\n\n<p>Selon l'avis publi\u00e9 par Red Hat, un attaquant peut d\u00e9clencher une attaque de type \u00ab Blind Server-Side Request Forgery \u00bb en envoyant une d\u00e9finition de sch\u00e9ma XML (XSD) sp\u00e9cialement con\u00e7ue au composant concern\u00e9. Dans ce type d'attaque, le serveur vuln\u00e9rable est amen\u00e9 \u00e0 envoyer des requ\u00eates \u00e0 d'autres syst\u00e8mes au nom de l'attaquant. Ces requ\u00eates peuvent contourner les pare-feu et autres m\u00e9canismes de protection, car elles proviennent d'une source interne de confiance.<\/p>\n\n\n\n<p>Le vecteur CVSS <strong>CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:L\/A:N<\/strong> souligne le caract\u00e8re hautement critique de la situation :<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>AV:N (R\u00e9seau) :<\/strong> L'attaque peut \u00eatre lanc\u00e9e via le r\u00e9seau.<\/li>\n\n\n\n<li><strong>AC:L (faible) :<\/strong> Sa mise en \u0153uvre ne pr\u00e9sente aucune complexit\u00e9 particuli\u00e8re.<\/li>\n\n\n\n<li><strong>PR:N (Aucun) :<\/strong> Aucun privil\u00e8ge n'est n\u00e9cessaire pour lancer l'attaque.<\/li>\n\n\n\n<li><strong>UI:N (Aucun) :<\/strong> Aucune intervention de la part d'un utilisateur n'est n\u00e9cessaire.<\/li>\n<\/ul>\n\n\n\n<p>Selon Red Hat Bugzilla, cette vuln\u00e9rabilit\u00e9 porte le num\u00e9ro d'identification 2498941.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>D\u00e9tails techniques concernant CVE-2026-15143<\/strong><\/h2>\n\n\n\n<p>CVE-2026-15143 repr\u00e9sente une nouvelle vuln\u00e9rabilit\u00e9 SSRF aveugle dans la <strong>d\u00e9tecteurs de glissi\u00e8res de s\u00e9curit\u00e9<\/strong>-composante. Le vecteur d'attaque passe par le <strong>type_de_fichier<\/strong>-d\u00e9tecteur, un attaquant pouvant \u00e9galement d\u00e9clencher une attaque de type \u00ab Server-Side Request Forgery \u00bb en injectant une d\u00e9finition de sch\u00e9ma XML (XSD) de son choix. Les caract\u00e9ristiques techniques correspondent \u00e0 celles de CVE-2026-15378 :<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Vecteur CVSS :<\/strong> <strong>CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:L\/A:N<\/strong><\/li>\n\n\n\n<li><strong>Score CVSS :<\/strong> 9,3 (Critique)<\/li>\n\n\n\n<li><strong>Voie d'attaque :<\/strong> Bas\u00e9 sur le r\u00e9seau, aucune authentification requise<\/li>\n<\/ul>\n\n\n\n<p>Ces deux vuln\u00e9rabilit\u00e9s permettent d'acc\u00e9der aux services de m\u00e9tadonn\u00e9es dans le cloud, \u00e0 l'API Kubernetes, aux stockages MinIO internes et \u00e0 d'autres points de terminaison r\u00e9seau, ainsi que de lire des fichiers locaux tels que les jetons de compte de service et les secrets de pod.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Risques op\u00e9rationnels li\u00e9s aux vuln\u00e9rabilit\u00e9s SSRF<\/strong><\/h2>\n\n\n\n<p>Une attaque r\u00e9ussie contre <strong>Red Hat OpenShift AI<\/strong> Une exploitation des vuln\u00e9rabilit\u00e9s CVE-2026-15378 ou CVE-2026-15143 peut avoir des cons\u00e9quences importantes, notamment dans les environnements cloud et Kubernetes. Parmi les risques directs, on peut citer :<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Compromission de comptes dans le cloud :<\/strong> Les pirates peuvent acc\u00e9der aux services de m\u00e9tadonn\u00e9es dans le cloud et y d\u00e9rober les identifiants qui y sont stock\u00e9s.<\/li>\n\n\n\n<li><strong>Reprise des clusters Kubernetes :<\/strong> L'acc\u00e8s \u00e0 l'API Kubernetes peut entra\u00eener la compromission totale du cluster.<\/li>\n\n\n\n<li><strong>Acc\u00e8s aux bases de donn\u00e9es internes :<\/strong> Les syst\u00e8mes internes, tels que le stockage MinIO ou d'autres points d'extr\u00e9mit\u00e9 r\u00e9seau, deviennent accessibles.<\/li>\n\n\n\n<li><strong>Vol d'identifiants :<\/strong> Ces vuln\u00e9rabilit\u00e9s permettent la lecture de fichiers locaux, ce qui peut permettre \u00e0 des attaquants d'acc\u00e9der \u00e0 des jetons de compte de service ou \u00e0 des secrets stock\u00e9s dans des pods.<\/li>\n<\/ul>\n\n\n\n<p>Ces informations peuvent servir de point de d\u00e9part \u00e0 d'autres attaques au sein de l'infrastructure informatique. La pr\u00e9sence de deux vecteurs SSRF ind\u00e9pendants dans le m\u00eame composant augmente consid\u00e9rablement la surface d'attaque.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Mesures recommand\u00e9es et aspects li\u00e9s \u00e0 la conformit\u00e9<\/strong><\/h2>\n\n\n\n<p>Red Hat a confirm\u00e9 ces deux vuln\u00e9rabilit\u00e9s. \u00c0 la date de publication, aucune version corrig\u00e9e sp\u00e9cifique n'est encore connue (au 10 juillet 2026) ; de m\u00eame, aucun num\u00e9ro de version sp\u00e9cifique concern\u00e9 n'a \u00e9t\u00e9 publi\u00e9. Les op\u00e9rateurs de <strong>Red Hat OpenShift AI<\/strong> Toutes les installations en production devraient \u00eatre \u00e9quip\u00e9es de la <strong>d\u00e9tecteurs de glissi\u00e8res de s\u00e9curit\u00e9<\/strong>- Consid\u00e9rer ce composant comme potentiellement concern\u00e9 et prendre imm\u00e9diatement les mesures suivantes :<\/p>\n\n\n\n<ol class=\"wp-block-list has-text-color\" style=\"color:#ffffff\">\n<li><strong>V\u00e9rifier l'\u00e9tat du syst\u00e8me :<\/strong> Identifiez toutes les instances de Red Hat OpenShift AI pr\u00e9sentes dans votre infrastructure.<\/li>\n\n\n\n<li><strong>Suivre les mises \u00e0 jour :<\/strong> Suivez les avis de s\u00e9curit\u00e9 officiels de Red Hat concernant <a href=\"https:\/\/access.redhat.com\/security\/cve\/CVE-2026-15378\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2026-15378<\/a> et <a href=\"https:\/\/access.redhat.com\/security\/cve\/CVE-2026-15143\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2026-15143<\/a> V\u00e9rifiez si des mises \u00e0 jour sont disponibles et installez-les d\u00e8s qu'elles sont disponibles.<\/li>\n<\/ol>\n\n\n\n<p>La gestion proactive de ces vuln\u00e9rabilit\u00e9s est un \u00e9l\u00e9ment central des syst\u00e8mes de gestion de la s\u00e9curit\u00e9 de l'information (SGSI) conform\u00e9ment \u00e0 <strong>ISO 27001<\/strong> et une exigence pr\u00e9vue par la r\u00e9glementation, telle que <strong>NIS-2<\/strong>. La mise en place d'un processus bien \u00e9tabli de gestion des vuln\u00e9rabilit\u00e9s et des correctifs est indispensable pour garantir la conformit\u00e9.<\/p>\n\n\n\n<p>Les entreprises et les administrations de la r\u00e9gion DACH sont en outre soumises \u00e0 des obligations l\u00e9gales sp\u00e9cifiques : si une attaque r\u00e9ussie exploitant ces vuln\u00e9rabilit\u00e9s entra\u00eene un acc\u00e8s non autoris\u00e9 \u00e0 des donn\u00e9es \u00e0 caract\u00e8re personnel, l'obligation de d\u00e9claration s'applique conform\u00e9ment \u00e0 <strong>Art. 33 du RGPD<\/strong> dans un d\u00e9lai de 72 heures aupr\u00e8s de l'autorit\u00e9 de contr\u00f4le comp\u00e9tente. Les exploitants d'infrastructures essentielles au sens de la <strong>Directive NIS 2<\/strong> sont en outre tenues de mettre en place un syst\u00e8me v\u00e9rifiable de gestion des vuln\u00e9rabilit\u00e9s et de signaler sans d\u00e9lai tout incident de s\u00e9curit\u00e9 majeur. Le BSI recommande de mani\u00e8re g\u00e9n\u00e9rale d'installer en priorit\u00e9 les mises \u00e0 jour de s\u00e9curit\u00e9 disponibles pour les vuln\u00e9rabilit\u00e9s jug\u00e9es critiques.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Comment LocateRisk vous aide \u00e0 vous prot\u00e9ger<\/strong><\/h2>\n\n\n\n<p>Des vuln\u00e9rabilit\u00e9s telles que CVE-2026-15378 et CVE-2026-15143 montrent \u00e0 quel point il est important d'assurer une surveillance continue de l'infrastructure informatique externe et de la situation en mati\u00e8re de s\u00e9curit\u00e9 chez les fournisseurs.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Gestion de la surface d'attaque externe (EASM) :<\/strong> Red Hat OpenShift AI est souvent exploit\u00e9 en tant que service sur les domaines propres aux clients et fait donc partie de la surface d'attaque externe. LocateRisk aide les \u00e9quipes informatiques \u00e0 identifier les syst\u00e8mes expos\u00e9s \u2014 y compris les sous-domaines oubli\u00e9s, l\u2019informatique fant\u00f4me et les ressources cloud non r\u00e9pertori\u00e9es \u2014 et \u00e0 hi\u00e9rarchiser les ressources potentiellement vuln\u00e9rables avant qu\u2019elles ne puissent \u00eatre activement exploit\u00e9es.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Gestion des risques li\u00e9s aux fournisseurs (VRM) :<\/strong> Il est essentiel d'assurer une surveillance continue de la s\u00e9curit\u00e9 des fournisseurs de technologies tels que Red Hat. LocateRisk \u00e9value les performances de s\u00e9curit\u00e9 des fournisseurs tiers et signale toute vuln\u00e9rabilit\u00e9 critique ou toute d\u00e9gradation du niveau de s\u00e9curit\u00e9. Cela permet de g\u00e9rer syst\u00e9matiquement les risques au sein de la cha\u00eene d'approvisionnement.<\/li>\n<\/ul>\n\n\n\n<p>La combinaison d'une vision externe de l'infrastructure propre \u00e0 l'entreprise (EASM) et de l'\u00e9valuation des fournisseurs (VRM) aide les entreprises \u00e0 r\u00e9duire syst\u00e9matiquement et \u00e0 d\u00e9tecter \u00e0 un stade pr\u00e9coce les risques li\u00e9s aux vuln\u00e9rabilit\u00e9s des logiciels tiers.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Sources et informations compl\u00e9mentaires<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Avis de s\u00e9curit\u00e9 Red Hat (CVE-2026-15378) :<\/strong> <a href=\"https:\/\/access.redhat.com\/security\/cve\/CVE-2026-15378\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/access.redhat.com\/security\/cve\/CVE-2026-15378<\/a><\/li>\n\n\n\n<li><strong>Avis de s\u00e9curit\u00e9 Red Hat (CVE-2026-15143) :<\/strong> <a href=\"https:\/\/access.redhat.com\/security\/cve\/CVE-2026-15143\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/access.redhat.com\/security\/cve\/CVE-2026-15143<\/a><\/li>\n\n\n\n<li><strong>Red Hat Bugzilla :<\/strong> <a href=\"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2498941\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2498941<\/a><\/li>\n<\/ul>\n\n\n\n<div class=\"wp-block-lr-faq-module\"><div class=\"content\"><h3><strong>Questions fr\u00e9quentes<\/strong><\/h3><div class=\"faq-topic\"><hr\/><div class=\"collapsible-title\"><a class=\"pr-4\"><strong>Qu'est-ce qu'une attaque de type \u00ab Server-Side Request Forgery \u00bb (SSRF) ?<\/strong><\/a><img class=\"collapse-toggle\" srcset=\"https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus@3x.png 3x,https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus@2x.png 2x,https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus.png 1x\"\/><\/div><div class=\"collapsible-content\"><p class=\"font-normal\">Une attaque de type \u00ab Server-Side Request Forgery \u00bb (SSRF) est une faille de s\u00e9curit\u00e9 dans laquelle un attaquant incite un serveur \u00e0 envoyer une requ\u00eate vers une ressource qu'il contr\u00f4le ou vers une ressource interne. Le serveur fait alors office de proxy, ce qui peut \u00eatre exploit\u00e9 pour contourner les pare-feu et acc\u00e9der \u00e0 des syst\u00e8mes internes.<\/p><\/div><\/div><div class=\"faq-topic\"><hr\/><div class=\"collapsible-title\"><a class=\"pr-4\"><strong>Quelles versions de Red Hat OpenShift AI sont concern\u00e9es ?<\/strong><\/a><img class=\"collapse-toggle\" srcset=\"https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus@3x.png 3x,https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus@2x.png 2x,https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus.png 1x\"\/><\/div><div class=\"collapsible-content\"><p class=\"font-normal\">\u00c0 la date de la divulgation (10 juillet 2026), Red Hat n'avait publi\u00e9 aucun num\u00e9ro de version sp\u00e9cifique concern\u00e9 ou corrig\u00e9 pour ces deux CVE. Les op\u00e9rateurs doivent v\u00e9rifier toutes les installations RHOAI en production avec la <strong>d\u00e9tecteurs de glissi\u00e8res de s\u00e9curit\u00e9<\/strong>- Consid\u00e9rer ce composant comme potentiellement concern\u00e9 et consulter r\u00e9guli\u00e8rement les avis de s\u00e9curit\u00e9 officiels pour obtenir les derni\u00e8res informations.<\/p><\/div><\/div><div class=\"faq-topic\"><hr\/><div class=\"collapsible-title\"><a class=\"pr-4\"><strong>Existe-t-il un correctif pour les vuln\u00e9rabilit\u00e9s CVE-2026-15378 et CVE-2026-15143 ?<\/strong><\/a><img class=\"collapse-toggle\" srcset=\"https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus@3x.png 3x,https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus@2x.png 2x,https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus.png 1x\"\/><\/div><div class=\"collapsible-content\"><p class=\"font-normal\">\u00c0 la date de publication de cet article (10\/07\/2026), aucune version corrig\u00e9e sp\u00e9cifique n'est encore connue pour ces deux vuln\u00e9rabilit\u00e9s. Les entreprises qui utilisent Red Hat OpenShift AI doivent consulter r\u00e9guli\u00e8rement les avis de s\u00e9curit\u00e9 officiels de Red Hat pour v\u00e9rifier la disponibilit\u00e9 de mises \u00e0 jour et les installer sans d\u00e9lai d\u00e8s leur publication. ## Connaissez-vous votre surface d'attaque externe ? LocateRisk identifie et \u00e9value en permanence vos syst\u00e8mes informatiques externes afin de d\u00e9tecter les failles de s\u00e9curit\u00e9. Vous savez ainsi \u00e0 tout moment o\u00f9 votre entreprise est vuln\u00e9rable. <a href=\"https:\/\/locaterisk.com\/fr\/demo\/\" target=\"_blank\" rel=\"noreferrer noopener\">Demander un contr\u00f4le de s\u00e9curit\u00e9 gratuit<\/a><\/p><\/div><\/div><\/div><\/div>\n\n\n\n<div class=\"wp-block-lr-contact-post-module\">\n\t<div id=\"lr-contact-form\" class=\"wp-block-lr-contact-post-module\">\n\t\t<div id=\"formular\" class=\"content\">\n\t\t\t<div class=\"inner-content\">\n\t\t\t\t<div class=\"column-2 feature-mode\">\n\t\t\t\t\t<h2><br>Demandez maintenant une D\u00e9mo en direct personelle<\/h2>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t<div>\n\t\t\t\t\t\t\t\t<p class=\"margin-b-36\">Identifiez et r\u00e9duisez vos cyber-risques gr\u00e2ce \u00e0 un aper\u00e7u comparable et compr\u00e9hensible de votre s\u00e9curit\u00e9 informatique. Demandez conseil \u00e0 nos experts et d\u00e9couvrez comment LocateRisk peut vous aider \u00e0 r\u00e9soudre vos cyber-risques.<\/p>\n\t\t\t\t\t\t\t<\/div>\t\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<\/div> \n\t\t\t\t<div class=\"column-2\">\n\t\t\t\t\t<form action=\"\" class=\"form\" method=\"post\" role=\"form\" novalidate data-trp-original-action=\"\">\n\t\t\t\t\t\t<input type=\"text\" id=\"successmessage\" name=\"successmessage\" value=\"Ihre Registrierung war erfolgreich Ihre Anfrage wurde erfolgreich versendet. Wir haben Ihnen soeben eine Best\u00e4tigungsmail mit einem Aktivierungs-Link zugesendet, um einem Missbrauch Ihrer E-Mail Adresse durch Dritte vorzubeugen. Die Mail wird von sales@locaterisk.com versendet und sollte sich i n wenigen Minuten in Ihrem Posteingang finden.\" hidden>\n\t\t\t\t\t\t<input type=\"text\" id=\"errormessage\" name=\"errormessage\" value=\"Da ist wohl etwas schief gelaufen. Bitte probieren Sie es erneut oder nehmen Sie direkt mit uns Kontakt auf\" hidden>\n\t\t\t\t\t\t<input type=\"text\" id=\"slug\" name=\"slug\" value=\"red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\" hidden>\n\n\t\t\t\t\t\t\t\t\t\t\t\t\t<input\n\t\t\t\t\t\t\t\ttype=\"text\"\n\t\t\t\t\t\t\t\tid=\"name\"\n\t\t\t\t\t\t\t\tname=\"name\"\n\t\t\t\t\t\t\t\tplaceholder=\"Pr\u00e9nom\"\n\t\t\t\t\t\t\t\trequired\tmaxlength=\"50\"\/>\n\n\t\t\t\t\t\t\t<input\n\t\t\t\t\t\t\t\ttype=\"text\"\n\t\t\t\t\t\t\t\tid=\"surname\"\n\t\t\t\t\t\t\t\tname=\"surname\"\n\t\t\t\t\t\t\t\tplaceholder=\"Nom\"\n\t\t\t\t\t\t\t\trequired\n\t\t\t\t\t\t\t\tmaxlength=\"50\"\/>\n\t\t\t\t\t\t\n\t\t\t\t\t\t<input\n\t\t\t\t\t\t\ttype=\"email\"\n\t\t\t\t\t\t\tid=\"email\"\n\t\t\t\t\t\t\tname=\"email\"\n\t\t\t\t\t\t\tplaceholder=\"Courrier \u00e9lectronique\"\n\t\t\t\t\t\t\trequired\n\t\t\t\t\t\t\tmaxlength=\"50\"\/>\n\n\t\t\t\t\t\t<input\n\t\t\t\t\t\t\ttype=\"text\"\n\t\t\t\t\t\t\tid=\"phone\"\n\t\t\t\t\t\t\tname=\"phone\"\n\t\t\t\t\t\t\tplaceholder=\"T\u00e9l\u00e9phone\"\n\t\t\t\t\t\t\trequired\n\t\t\t\t\t\t\tmaxlength=\"50\"\/>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t<h6 class=\"error-message\" hidden>...<\/h6>\n\t\t\t\t\t\t<div class=\"checkbox_container\">\n\t\t\t\t\t\t\t<div class=\"checkbox\">\n\t\t\t\t\t\t\t\t<input\n\t\t\t\t\t\t\t\t\ttype=\"checkbox\"\n\t\t\t\t\t\t\t\t\tid=\"checkbox\"\n\t\t\t\t\t\t\t\t\tname=\"checkbox\" \/>\n\n\t\t\t\t\t\t\t\t<label for=\"checkbox\"><\/label>\n\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<p class=\"translation-block\">Je suis d'accord avec la politique de confidentialit\u00e9<\/p> \n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\n\t\t\t\t\t<div class=\"g-recaptcha\" data-sitekey=\"6LdErNoZAAAAAD1Re2jNxtDFfcDaL9iED5MRBzjR\" data-callback=\"verifyRecaptchaCallback\" data-expired-callback=\"expiredRecaptchaCallback\"><\/div>\n\t\t\t\t\t<input type=\"hidden\" name=\"g-recaptcha-response\" data-recaptcha \/>\n\n\t\t\t\t\t\t<button class=\"lr-button-link\" type=\"submit\"> Demander une d\u00e9mo<\/button>\n\t\t\t\t\t<input type=\"hidden\" name=\"trp-form-language\" value=\"fr\"\/><\/form>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/div>\n\t<\/div>\n\t\n\t<\/div>\n\n\n\n<hr class=\"wp-block-separator has-css-opacity is-style-wide\"\/>\n\n\n\n<div class=\"wp-block-lr-contact-module\"><div class=\"content\"><h2>En savoir plus, r\u00e9server une d\u00e9mo ou simplement \u00e9changer quelques mots ? Nous nous en r\u00e9jouissons !<\/h2><div class=\"contact-info-row\"><div class=\"contact-person-info\"><div class=\"avatar\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2025\/06\/Lukas_Baumann_LocateRisk-300.png\"><\/div><p><span class=\"text before\">Votre Contact<\/span><span class=\"bold name\"><strong>Lukas<\/strong><\/span> <span class=\"lastname\"><strong>Baumann<strong><\/strong><\/strong><\/span><strong><strong><span class=\"separator\"><\/span><span class=\"role\">PDG<\/span><\/strong><\/strong><\/p><\/div><p class=\"bold phone\"><strong><strong>+49 6151 6290246<\/strong><\/strong><\/p><strong><strong><a class=\"pr-1\" href=\"mailto: sales@locaterisk.com\">Contactez-nous maintenant<\/a><\/strong><\/strong><\/div><\/div><\/div>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<div class=\"wp-block-lr-footer-module lr-footer-block\"><div class=\"content\"><div class=\"column0\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/assets\/img\/lr-logo.svg\"\/><\/div><div class=\"categories\"><div class=\"categories-element\"><a class=\"pr-4\" href=\"https:\/\/locaterisk.com\/fr\/\">Accueil<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/fr\/blog\/\">Blog<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/fr\/about\/\">par rapport \u00e0 nous<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/fr\/kontakt\/\">Contact<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/fr\/impressum\/\">mentiones l\u00e9gales<\/a><\/div><div class=\"categories-break\"><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/fr\/datenschutz\/\">Confidentialit\u00e9<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/files\/agb.pdf\">CONDITIONS G\u00c9N\u00c9RALES DE VENTE<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/fr\/jobs\/\">Carri\u00e8re<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"https:\/\/app.secfix.com\/trust\/locaterisk\/d1e7d433b33643aea1880bfbfeab9f60\">Centre de confiance<\/a><\/div><\/div><div class=\"social\"><div class=\"social-element\"><a target=\"_blank\" href=\"https:\/\/www.linkedin.com\/company\/locaterisk\/\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/10\/gruppe-230@3x.png\"\/><\/a><\/div><div class=\"social-element\"><a target=\"_blank\" href=\"https:\/\/www.instagram.com\/locaterisk\/\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/11\/Instagram.png\"\/><\/a><\/div><div class=\"social-element\"><a target=\"_blank\" href=\"https:\/\/twitter.com\/locaterisk\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/11\/twitter.png\"\/><\/a><\/div><\/div><div class=\"description\"><h6>\u00a9 LocateRisk 2026<\/h6><\/div><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>Deux vuln\u00e9rabilit\u00e9s SSRF critiques (CVE-2026-15378, CVE-2026-15143) avec un score CVSS de 9,3 dans Red Hat OpenShift AI permettent \u00e0 des attaquants d'acc\u00e9der sans autorisation \u00e0 des syst\u00e8mes cloud et Kubernetes.<\/p>","protected":false},"author":13,"featured_media":9141,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-9156","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Red Hat OpenShift AI \u2013 mehrere kritische L\u00fccken \u2013 Update empfohlen<\/title>\n<meta name=\"description\" content=\"Zwei kritische SSRF-Schwachstellen (CVE-2026-15378, CVE-2026-15143) mit CVSS 9.3 in Red Hat OpenShift AI erm\u00f6glichen Angreifern unautorisierten Zugriff auf Cloud- und Kubernetes-Systeme.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/locaterisk.com\/fr\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Red Hat OpenShift AI \u2013 mehrere kritische L\u00fccken \u2013 Update empfohlen\" \/>\n<meta property=\"og:description\" content=\"Zwei kritische SSRF-Schwachstellen (CVE-2026-15378, CVE-2026-15143) mit CVSS 9.3 in Red Hat OpenShift AI erm\u00f6glichen Angreifern unautorisierten Zugriff auf Cloud- und Kubernetes-Systeme.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/locaterisk.com\/fr\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/\" \/>\n<meta property=\"og:site_name\" content=\"LocateRisk\" \/>\n<meta property=\"article:published_time\" content=\"2026-07-10T16:35:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/initial-access-vector.png\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Kristina Hoinkis\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kristina Hoinkis\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\\\/\"},\"author\":{\"name\":\"Kristina Hoinkis\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#\\\/schema\\\/person\\\/68f3857c15afa8ff59c545848dddcc32\"},\"headline\":\"Red Hat OpenShift AI: mehrere kritische Sicherheitsl\u00fccken (CVE-2026-15378, CVE-2026-15143)\",\"datePublished\":\"2026-07-10T16:35:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\\\/\"},\"wordCount\":1276,\"publisher\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/initial-access-vector.png\",\"articleSection\":[\"Uncategorized\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\\\/\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\\\/\",\"name\":\"Red Hat OpenShift AI \u2013 mehrere kritische L\u00fccken \u2013 Update empfohlen\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/initial-access-vector.png\",\"datePublished\":\"2026-07-10T16:35:35+00:00\",\"description\":\"Zwei kritische SSRF-Schwachstellen (CVE-2026-15378, CVE-2026-15143) mit CVSS 9.3 in Red Hat OpenShift AI erm\u00f6glichen Angreifern unautorisierten Zugriff auf Cloud- und Kubernetes-Systeme.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/locaterisk.com\\\/de\\\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\\\/#primaryimage\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/initial-access-vector.png\",\"contentUrl\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/initial-access-vector.png\",\"width\":400,\"height\":400,\"caption\":\"initial-access-vector\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/locaterisk.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Red Hat OpenShift AI: mehrere kritische Sicherheitsl\u00fccken (CVE-2026-15378, CVE-2026-15143)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#website\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/\",\"name\":\"LocateRisk\",\"description\":\"IT-Sicherheit messen und vergleichen\",\"publisher\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#organization\",\"name\":\"LocateRisk\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/Kettenglieder_V0216-9.jpg\",\"contentUrl\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/Kettenglieder_V0216-9.jpg\",\"width\":1920,\"height\":1080,\"caption\":\"LocateRisk\"},\"image\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/company\\\/locaterisk\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#\\\/schema\\\/person\\\/68f3857c15afa8ff59c545848dddcc32\",\"name\":\"Kristina Hoinkis\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7756f96249844e60ceb218f17e06217dcbed4993bcd2124e3f59bb8675324f0d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7756f96249844e60ceb218f17e06217dcbed4993bcd2124e3f59bb8675324f0d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7756f96249844e60ceb218f17e06217dcbed4993bcd2124e3f59bb8675324f0d?s=96&d=mm&r=g\",\"caption\":\"Kristina Hoinkis\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Red Hat OpenShift AI \u2013 mehrere kritische L\u00fccken \u2013 Update empfohlen","description":"Deux vuln\u00e9rabilit\u00e9s SSRF critiques (CVE-2026-15378, CVE-2026-15143) avec un score CVSS de 9,3 dans Red Hat OpenShift AI permettent \u00e0 des attaquants d'acc\u00e9der sans autorisation \u00e0 des syst\u00e8mes cloud et Kubernetes.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/locaterisk.com\/fr\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/","og_locale":"fr_FR","og_type":"article","og_title":"Red Hat OpenShift AI \u2013 mehrere kritische L\u00fccken \u2013 Update empfohlen","og_description":"Zwei kritische SSRF-Schwachstellen (CVE-2026-15378, CVE-2026-15143) mit CVSS 9.3 in Red Hat OpenShift AI erm\u00f6glichen Angreifern unautorisierten Zugriff auf Cloud- und Kubernetes-Systeme.","og_url":"https:\/\/locaterisk.com\/fr\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/","og_site_name":"LocateRisk","article_published_time":"2026-07-10T16:35:35+00:00","og_image":[{"width":400,"height":400,"url":"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/initial-access-vector.png","type":"image\/png"}],"author":"Kristina Hoinkis","twitter_card":"summary_large_image","twitter_misc":{"\u00c9crit par":"Kristina Hoinkis","Dur\u00e9e de lecture estim\u00e9e":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/locaterisk.com\/de\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/#article","isPartOf":{"@id":"https:\/\/locaterisk.com\/de\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/"},"author":{"name":"Kristina Hoinkis","@id":"https:\/\/locaterisk.com\/de\/#\/schema\/person\/68f3857c15afa8ff59c545848dddcc32"},"headline":"Red Hat OpenShift AI: mehrere kritische Sicherheitsl\u00fccken (CVE-2026-15378, CVE-2026-15143)","datePublished":"2026-07-10T16:35:35+00:00","mainEntityOfPage":{"@id":"https:\/\/locaterisk.com\/de\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/"},"wordCount":1276,"publisher":{"@id":"https:\/\/locaterisk.com\/de\/#organization"},"image":{"@id":"https:\/\/locaterisk.com\/de\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/#primaryimage"},"thumbnailUrl":"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/initial-access-vector.png","articleSection":["Uncategorized"],"inLanguage":"fr-FR"},{"@type":"WebPage","@id":"https:\/\/locaterisk.com\/de\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/","url":"https:\/\/locaterisk.com\/de\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/","name":"Red Hat OpenShift AI \u2013 mehrere kritische L\u00fccken \u2013 Update empfohlen","isPartOf":{"@id":"https:\/\/locaterisk.com\/de\/#website"},"primaryImageOfPage":{"@id":"https:\/\/locaterisk.com\/de\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/#primaryimage"},"image":{"@id":"https:\/\/locaterisk.com\/de\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/#primaryimage"},"thumbnailUrl":"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/initial-access-vector.png","datePublished":"2026-07-10T16:35:35+00:00","description":"Deux vuln\u00e9rabilit\u00e9s SSRF critiques (CVE-2026-15378, CVE-2026-15143) avec un score CVSS de 9,3 dans Red Hat OpenShift AI permettent \u00e0 des attaquants d'acc\u00e9der sans autorisation \u00e0 des syst\u00e8mes cloud et Kubernetes.","breadcrumb":{"@id":"https:\/\/locaterisk.com\/de\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/locaterisk.com\/de\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/locaterisk.com\/de\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/#primaryimage","url":"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/initial-access-vector.png","contentUrl":"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/initial-access-vector.png","width":400,"height":400,"caption":"initial-access-vector"},{"@type":"BreadcrumbList","@id":"https:\/\/locaterisk.com\/de\/red-hat-openshift-ai-mehrere-kritische-sicherheitsluecken-cve-2026-15378-cve-2026-15143\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/locaterisk.com\/"},{"@type":"ListItem","position":2,"name":"Red Hat OpenShift AI: mehrere kritische Sicherheitsl\u00fccken (CVE-2026-15378, CVE-2026-15143)"}]},{"@type":"WebSite","@id":"https:\/\/locaterisk.com\/de\/#website","url":"https:\/\/locaterisk.com\/de\/","name":"LocateRisk","description":"Mesurer et comparer la s\u00e9curit\u00e9 informatique","publisher":{"@id":"https:\/\/locaterisk.com\/de\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/locaterisk.com\/de\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/locaterisk.com\/de\/#organization","name":"LocateRisk","url":"https:\/\/locaterisk.com\/de\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/locaterisk.com\/de\/#\/schema\/logo\/image\/","url":"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/11\/Kettenglieder_V0216-9.jpg","contentUrl":"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/11\/Kettenglieder_V0216-9.jpg","width":1920,"height":1080,"caption":"LocateRisk"},"image":{"@id":"https:\/\/locaterisk.com\/de\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/locaterisk\/"]},{"@type":"Person","@id":"https:\/\/locaterisk.com\/de\/#\/schema\/person\/68f3857c15afa8ff59c545848dddcc32","name":"Kristina Hoinkis","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/7756f96249844e60ceb218f17e06217dcbed4993bcd2124e3f59bb8675324f0d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7756f96249844e60ceb218f17e06217dcbed4993bcd2124e3f59bb8675324f0d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7756f96249844e60ceb218f17e06217dcbed4993bcd2124e3f59bb8675324f0d?s=96&d=mm&r=g","caption":"Kristina Hoinkis"}}]}},"_links":{"self":[{"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/posts\/9156","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/comments?post=9156"}],"version-history":[{"count":0,"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/posts\/9156\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/media\/9141"}],"wp:attachment":[{"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/media?parent=9156"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/categories?post=9156"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/tags?post=9156"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}