- Issued:
- 2025-04-01
- Updated:
- 2025-04-01
RHSA-2025:3437 - Important: ACS 4.5 enhancement and security update
Synopsis
Important: ACS 4.5 enhancement and security update
Type/Severity
Security Advisory Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security (RHACS).
Description
This release of RHACS 4.5 includes the following bug fix:
Fixed a bug in which Scanner V4 would perform TLS validation even for integrations that have TLS validation disabled.
This release also addresses the following security vulnerabilities:
CVE-2025-22868 CVE-2025-22869
Solution
If you are using an earlier version of RHACS 4.5, you are advised to upgrade to patch release 4.5.8.
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Advanced Cluster Security for Kubernetes | 4 | x86_64 |
| Red Hat Advanced Cluster Security for Kubernetes for IBM Z and LinuxONE | 4 | s390x |
| Red Hat Advanced Cluster Security for Kubernetes for IBM Power, little endian | 4 | ppc64le |
Fixes
CVEs
- CVE-2024-12087
- CVE-2024-12088
- CVE-2024-12747
- CVE-2024-56171
- CVE-2025-22868
- CVE-2025-22869
- CVE-2025-24528
- CVE-2025-24928
References
- https://access.redhat.com/security/updates/classification/#important
- https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.5/html/release_notes/release-notes-45
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.