Threats Tagged 'cve-2024-57083'

Red Hat Advanced Cluster Security for Kubernetes (RHACS) 4. 6. 5 addresses multiple security vulnerabilities that could lead to denial of service conditions. The fixed flaws include a denial of service via unhandled promise rejections in the http-proxy-middleware component (CVE-2024-21536), excessive memory allocation during JWT header parsing in jwt-go (CVE-2025-30204), and prototype pollution in redoc allowing denial of service through crafted payloads (CVE-2024-57083). These issues were resolved in the RHACS 4. 6. 5 patch release. Users of earlier RHACS 4. 6 versions are advised to upgrade to this release. No known exploits in the wild have been reported at this time.

Red Hat Advanced Cluster Security for Kubernetes (RHACS) version 4. 7. 2 addresses multiple security vulnerabilities including denial of service issues in the http-proxy-middleware and redoc packages, and an excessive memory allocation vulnerability in the golang-jwt package. These vulnerabilities could impact the availability and stability of the affected components. Red Hat has released updated images to remediate these issues and advises users to upgrade to RHACS 4. 7. 2. The update is rated with an Important security impact by Red Hat Product Security. No known exploits are reported in the wild at this time.

Red Hat Advanced Cluster Security for Kubernetes (RHACS) 4. 5. 9 includes important security updates addressing multiple vulnerabilities, including a denial of service flaw in the http-proxy-middleware package (CVE-2024-21536), a prototype pollution vulnerability in redoc (CVE-2024-57083), and a flaw in the golang-jwt implementation of JSON Web Tokens (CVE-2025-30204). These vulnerabilities could lead to denial of service or excessive memory allocation. The update also fixes related bugs for consistency in compliance table aggregation fields. Users of earlier RHACS 4. 5 versions are advised to upgrade to 4. 5. 9 to apply these fixes.