Updated images are now available for Red Hat Advanced Cluster Security (RHACS).
This release of RHACS includes the following bug fix:
* Fixed a bug to match the aggregation field of the compliance tables to the
widgets for consistency.
This release also addresses the following security vulnerabilities:
* RHSA-2025:2679: libxml2 security update
* RHSA-2025:1350: libxml2 security update
* RHSA-2025:1330: openssl security update
* CVE-2024-57083: Prototype pollution in redoc can allow a DoS attack
* CVE-2024-21536: Flaw in `http-proxy-middleware` package
* CVE-2025-30204: Flaw in the golang-jwt implementation of JSON Web Tokens
(JWT)
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
CVE-2024-21536: Uncontrolled Resource Consumption (CWE-400)
CVE-2024-57083: Improperly Controlled Modification of Object Prototype
Attributes ('Prototype Pollution') (CWE-1321)
CVE-2025-30204: Asymmetric Resource Consumption (Amplification) (CWE-405)
|
