Red Hat Security Advisory: ACS 4.4 enhancement update
Red Hat Advanced Cluster Security for Kubernetes (RHACS) 4. 4. 6 includes important security fixes addressing multiple vulnerabilities in underlying components such as golang archive/zip handling (CVE-2024-24789), net/netip behavior (CVE-2024-24790), encoding/gob decoding (CVE-2024-34156), body-parser denial of service (CVE-2024-45590), and DOMPurify prototype pollution (CVE-2024-48910). These vulnerabilities could lead to denial of service, incorrect processing, or tampering risks. The update also fixes a bug affecting scan result display. Red Hat advises upgrading to this release to mitigate these issues.
AI Analysis
Technical Summary
This Red Hat security advisory for RHACS 4.4.6 addresses several vulnerabilities across multiple components. CVE-2024-24789 concerns improper handling of certain ZIP files in golang's archive/zip package. CVE-2024-24790 involves unexpected behavior in golang's net/netip package for IPv4-mapped IPv6 addresses. CVE-2024-34156 is a stack exhaustion panic triggered by decoding deeply nested structures in golang's encoding/gob package. CVE-2024-45590 is a denial of service vulnerability in the body-parser library. CVE-2024-48910 involves prototype pollution in DOMPurify allowing tampering. The advisory recommends upgrading RHACS 4.4 to version 4.4.6 to apply these fixes. No CVSS scores are provided in the advisory, but the severity is rated as important by Red Hat.
Potential Impact
The vulnerabilities fixed in this update can cause denial of service conditions (e.g., stack exhaustion panic, body-parser DoS), incorrect processing of ZIP files, unexpected network address behavior, and potential tampering via prototype pollution. These issues could affect the stability and security of RHACS deployments, potentially disrupting cluster security operations or allowing manipulation of sanitized content. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
Red Hat has released RHACS version 4.4.6 which includes fixes for the identified vulnerabilities. Users running earlier versions of RHACS 4.4 are advised to upgrade to this patched release to mitigate these security issues. Since this is a product update, applying the official patch is the recommended remediation. No additional vendor advisories indicate that no action is required or that issues are already mitigated.
Red Hat Security Advisory: ACS 4.4 enhancement update
Description
Red Hat Advanced Cluster Security for Kubernetes (RHACS) 4. 4. 6 includes important security fixes addressing multiple vulnerabilities in underlying components such as golang archive/zip handling (CVE-2024-24789), net/netip behavior (CVE-2024-24790), encoding/gob decoding (CVE-2024-34156), body-parser denial of service (CVE-2024-45590), and DOMPurify prototype pollution (CVE-2024-48910). These vulnerabilities could lead to denial of service, incorrect processing, or tampering risks. The update also fixes a bug affecting scan result display. Red Hat advises upgrading to this release to mitigate these issues.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This Red Hat security advisory for RHACS 4.4.6 addresses several vulnerabilities across multiple components. CVE-2024-24789 concerns improper handling of certain ZIP files in golang's archive/zip package. CVE-2024-24790 involves unexpected behavior in golang's net/netip package for IPv4-mapped IPv6 addresses. CVE-2024-34156 is a stack exhaustion panic triggered by decoding deeply nested structures in golang's encoding/gob package. CVE-2024-45590 is a denial of service vulnerability in the body-parser library. CVE-2024-48910 involves prototype pollution in DOMPurify allowing tampering. The advisory recommends upgrading RHACS 4.4 to version 4.4.6 to apply these fixes. No CVSS scores are provided in the advisory, but the severity is rated as important by Red Hat.
Potential Impact
The vulnerabilities fixed in this update can cause denial of service conditions (e.g., stack exhaustion panic, body-parser DoS), incorrect processing of ZIP files, unexpected network address behavior, and potential tampering via prototype pollution. These issues could affect the stability and security of RHACS deployments, potentially disrupting cluster security operations or allowing manipulation of sanitized content. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
Red Hat has released RHACS version 4.4.6 which includes fixes for the identified vulnerabilities. Users running earlier versions of RHACS 4.4 are advised to upgrade to this patched release to mitigate these security issues. Since this is a product update, applying the official patch is the recommended remediation. No additional vendor advisories indicate that no action is required or that issues are already mitigated.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2024:9583
- Cve Count
- 5
- Additional Cves
- ["CVE-2024-24790","CVE-2024-34156","CVE-2024-45590","CVE-2024-48910"]
- Cvss Version
- null
Threat ID: 6a1df669e29bf47b50461dac
Added to database: 6/1/2026, 9:15:21 PM
Last enriched: 6/1/2026, 9:21:49 PM
Last updated: 6/2/2026, 5:04:03 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.