- Issued:
- 2025-04-15
- Updated:
- 2025-04-15
RHSA-2025:3928 - Security Advisory
Synopsis
Important: ACS 4.5 enhancement and security update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security (RHACS).
Description
This release of RHACS includes the following bug fix:
- Fixed a bug to match the aggregation field of the compliance tables to the widgets for consistency.
This release also addresses the following security vulnerabilities:
- RHSA-2025:2679: libxml2 security update
- RHSA-2025:1350: libxml2 security update
- RHSA-2025:1330: openssl security update
- CVE-2024-57083: Prototype pollution in redoc can allow a DoS attack
- CVE-2024-21536: Flaw in `http-proxy-middleware` package
- CVE-2025-30204: Flaw in the golang-jwt implementation of JSON Web Tokens (JWT)
Solution
If you are using an earlier version of RHACS 4.5, you are advised to upgrade to patch release 4.5.9.
Affected Products
- Red Hat Advanced Cluster Security for Kubernetes 4 x86_64
- Red Hat Advanced Cluster Security for Kubernetes for IBM Z and LinuxONE 4 s390x
- Red Hat Advanced Cluster Security for Kubernetes for IBM Power, little endian 4 ppc64le
Fixes
- BZ - 2319884 - CVE-2024-21536 http-proxy-middleware: Denial of Service
- BZ - 2354195 - CVE-2025-30204 golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing
- BZ - 2355865 - CVE-2024-57083 redoc: Prototype Pollution in redoc
ppc64le
| advanced-cluster-security/rhacs-central-db-rhel8@sha256:dda4781392cd2bb6e599f51b35b390e7d60d71166a968c358c999a570cbc829b |
| advanced-cluster-security/rhacs-collector-rhel8@sha256:e938cb5948023fef76efabbfbf3c8f1bbaf6d62fe38b7e31c8bb84fcef7fb4f2 |
| advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e98696ead4e75cd57655325eb3874ae1fe0bee30c52f1517d13cb9b046c8bf5f |
| advanced-cluster-security/rhacs-main-rhel8@sha256:566fffe3028705b2428e9420ca770819dae1729ea9c36213a2fcf5cd68796f73 |
| advanced-cluster-security/rhacs-operator-bundle@sha256:d0c15d6cbb78bfd7529030c62ccf4737ec235dbe143a76e898b6afbfd90ca918 |
| advanced-cluster-security/rhacs-rhel8-operator@sha256:c6481192d23a50a5c75ca10fcbafde1eec8614a0a71635b8615ea70020d07749 |
| advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4df217585e8de0ca3fd0722454f65c882ff1a49ed03d839a2b48c8adeb110776 |
| advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f45b818df4a3bbb45caa2086f4f0b29f8e79abfe579fd04235a65db122529505 |
| advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ff99cf87213c08c560f2a27d83e51b7571637cef33e0c6ab5177a7c678df9bbb |
| advanced-cluster-security/rhacs-scanner-rhel8@sha256:8ef4868576b184b65076bfdb285a0dfe9fab9400795232cd78a3e9676410fba0 |
| advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:08522cc11c22617e947a7eeb24ad80ca98df1a54affc499307ae992dbbffb1af |
| advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:efc4a42a309f27543f650b13fde90a26500ea69d0d5cbaf3ac7daebff3b0330f |
| advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f4f13c49060230038d0017452c15c4bf5d15520659ae72b9b022142a8bae0ba7 |
s390x
| advanced-cluster-security/rhacs-central-db-rhel8@sha256:5a73bcbab19ab68ff948838b21b5cb11e2134a48350b8cbf82ef288817c75719 |
| advanced-cluster-security/rhacs-collector-rhel8@sha256:645219f425559e75234be2a6320fc0fa176db81d7e3738b2e3f2ccdc92ce6e24 |
| advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e03cb6ab11ee042ec66ec4a5b214f1ce509cdfa0f92b93d0cd7f87893504fd0a |
| advanced-cluster-security/rhacs-main-rhel8@sha256:990f13b1986b3f5ddc6bb44e30ce6dc40ad6108e927badb3c9f7e0b49fba675c |
| advanced-cluster-security/rhacs-operator-bundle@sha256:4bf810ed79118b56bbc97caf0d04b65a57a69d8f1333af6bb07cfdb33454b2a8 |
| advanced-cluster-security/rhacs-rhel8-operator@sha256:c2f9ef5d94e03753926d41c3e90d429b660a59013ab269b71bfe1b21575ab93f |
| advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b9c20a2ddb97eb45995836e5be0713419afc2d9f8e2374d7ca64f7ea5274ad2f |
| advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:750f9b25880952184289ae3389fd679a3ab6bb321c7531d8bb9c51a4df3143fb |
| advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c910f6a958bbe1176da3defa138c8a7c9c2728c50c4ec52827c008c3d6293047 |
| advanced-cluster-security/rhacs-scanner-rhel8@sha256:0f1b879c9de1fcc55b017a3f465d8f44f86668683174e936a5cf10dabe292b16 |
| advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f45ce53f6007cfd5bd002eebe6ead15f39ade85deaecc5406fc07222781ca3f8 |
| advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:00a43ea5b5d02e811ae1a78adaf8cda9b87b0819b69ba209487d47eab677b424 |
| advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec17a50dd2c436301ff369852cfa02d7b493c72d490ff1c58fd508231c76626b |
x86_64
| advanced-cluster-security/rhacs-central-db-rhel8@sha256:69eb82f50c3790b90b9a8015bf078da8066b38fee26cbb3a2623753a51ca99ea |
| advanced-cluster-security/rhacs-collector-rhel8@sha256:cf7fa69d0b423aad50bc871808e34d7e8783aefcea05ead2dcd857dc11349510 |
| advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2cc4e9960b80728892eafc1d3ce0dfbb9bbd28929261fc59fd71982fcbb864cc |
| advanced-cluster-security/rhacs-main-rhel8@sha256:05ce852ee7c7a221b50e39224953bfef704ab5959ff7f33d5f30f9dbeff55ae3 |
| advanced-cluster-security/rhacs-operator-bundle@sha256:41351e88688d23a443ad4f141caf0433b2c2789e6a1a85b4f5b36abeb5656bb1 |
| advanced-cluster-security/rhacs-rhel8-operator@sha256:9fed7cffad49c7ed79405948b12256cd12e4dce00ef2737ade5db5018b324916 |
| advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ae67f0a80b58fff1eb900fa9adb1e0fe2a5d1f2c531caffcdea3eff2c0f8189c |
| advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:247b450a36800470e484320eef0c4bf07f0aaee66ddfb0b38ed7a215dea8b489 |
| advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c421d3700f197dbb69ba3b34b204415413222d677bc58bb126bf064d9957893b |
| advanced-cluster-security/rhacs-scanner-rhel8@sha256:922979b45991631a3c8f17a8046270f9d50da23935699b6f70fb8fb41cbc7539 |
| advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dc4afae274b026d43099cbc3eff7144cea981931a441fc0ada1bdc99bd0b1370 |
| advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:74fb88b37ed6763861ca3730d7b5a62f793831de803ab250ec68d86363ceff49 |
| advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72490c948f3a6fd2d75ea01d434dd76f53adb73f6655537081d95542c541662d |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
