Reconnecting to live updates…

Red Hat Security Advisory: ACS 4.5 enhancement and security update

High

VulnerabilityCVE-2024-21536gcve csaf cve-2024-21536 cve-2024-57083 cve-2025-30204 red-hat-product-security

Published: Tue Apr 15 2025 (04/15/2025, 19:46:07 UTC)

Source: GCVE Database

Vendor/Project: Red Hat Product Security

Product: Red Hat

Description

This release of RHACS includes the following bug fix: * Fixed a bug to match the aggregation field of the compliance tables to the widgets for consistency. This release also addresses the following security vulnerabilities: * RHSA-2025:2679: libxml2 security update * RHSA-2025:1350: libxml2 security update * RHSA-2025:1330: openssl security update * CVE-2024-57083: Prototype pollution in redoc can allow a DoS attack * CVE-2024-21536: Flaw in `http-proxy-middleware` package * CVE-2025-30204: Flaw in the golang-jwt implementation of JSON Web Tokens (JWT)

Weaknesses

CWE-400Uncontrolled Resource Consumption CWE-1321Unclassified weakness CWE-405Unclassified weakness

Technical Details

Gcve Source: db.gcve.eu
Csaf Category: csaf_security_advisory
Csaf Version: 2.0
Publisher: Red Hat Product Security
Advisory Id: RHSA-2025:3928
Cve Count: 3
Additional Cves: ["CVE-2024-57083","CVE-2025-30204"]
Cvss Version: null

Threat ID: 6a160972e29bf47b5063abac

Added to database: 5/26/2026, 8:58:26 PM

Last updated: 5/26/2026, 9:01:11 PM

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by

Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

Please log in to the Console to use AI analysis features.

External Links

NVD Database MITRE CVE https://access.redhat.com/errata/RHSA-2025:3928 https://access.redhat.com/security/updates/classification/#important https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.5/html/release_notes/index 2319884 2354195 2355865 Canonical URL Search on Google

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited

View courses

Red Hat Security Advisory: ACS 4.5 enhancement and security update

Red Hat Security Advisory: ACS 4.5 enhancement and security update

Description

Weaknesses

Technical Details

Community Reviews

Actions

External Links

Need more coverage?

Latest Threats

Check if your credentials are on the dark web

Lead Pen Test Professional

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility

Red Hat Security Advisory: ACS 4.5 enhancement and security update

Red Hat Security Advisory: ACS 4.5 enhancement and security update

Description

Weaknesses

Technical Details

Community Reviews

Related Threats

Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

Red Hat Security Advisory: General availability of the satellite/iop-gateway-rhel9 container image

xfrm: state: initialize state_ptrs earlier in xfrm_state_find

scsi: qla2xxx: Completely fix fcport double free

erofs: avoid infinite loops due to corrupted subpage compact indexes

Actions

External Links

Need more coverage?

Latest Threats

Check if your credentials are on the dark web

Lead Pen Test Professional

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility