VDB
RHSA-2025%3A8392
RHSA-2025%3A8392
PUBLISHED
CVSS 7.5 HIGH
A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | rhacm2/governance-policy-propagator-rhel8@sha256:adb683cf8d4ca914f6015705a263d393babfeb13a798cfd65be5434ed21d6f1f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/governance-policy-propagator-rhel8@sha256:adb683cf8d4ca914f6015705a263d393babfeb13a798cfd65be5434ed21d6f1f_ppc64le, rhacm2/governance-policy-propagator-rhel8@sha256:adb683cf8d4ca914f6015705a263d393babfeb13a798cfd65be5434ed21d6f1f_ppc64le, rhacm2/governance-policy-propagator-rhel8@sha256:adb683cf8d4ca914f6015705a263d393babfeb13a798cfd65be5434ed21d6f1f_ppc64le |
| Red Hat | rhacm2/acm-search-v2-api-rhel8@sha256:59d1015b06602ef4a087b69d895f30bb3c505beaa3437933be13311fe747f0bd_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/acm-search-v2-api-rhel8@sha256:59d1015b06602ef4a087b69d895f30bb3c505beaa3437933be13311fe747f0bd_ppc64le, *, rhacm2/acm-search-v2-api-rhel8@sha256:59d1015b06602ef4a087b69d895f30bb3c505beaa3437933be13311fe747f0bd_ppc64le |
| Red Hat | rhacm2/observatorium-rhel8-operator@sha256:71d61a4ac254f7d396c9b72a57c047537bd6188fba455e547e2c2f36ed645fe2_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/observatorium-rhel8-operator@sha256:71d61a4ac254f7d396c9b72a57c047537bd6188fba455e547e2c2f36ed645fe2_s390x, rhacm2/observatorium-rhel8-operator@sha256:71d61a4ac254f7d396c9b72a57c047537bd6188fba455e547e2c2f36ed645fe2_s390x, rhacm2/observatorium-rhel8-operator@sha256:71d61a4ac254f7d396c9b72a57c047537bd6188fba455e547e2c2f36ed645fe2_s390x |
| Red Hat | rhacm2/memcached-rhel8@sha256:433976d14ffa2c11d98c23605f09b0f04f70d78647b3ffb653921f7aa6ffb453_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/memcached-rhel8@sha256:433976d14ffa2c11d98c23605f09b0f04f70d78647b3ffb653921f7aa6ffb453_amd64, rhacm2/memcached-rhel8@sha256:433976d14ffa2c11d98c23605f09b0f04f70d78647b3ffb653921f7aa6ffb453_amd64, rhacm2/memcached-rhel8@sha256:433976d14ffa2c11d98c23605f09b0f04f70d78647b3ffb653921f7aa6ffb453_amd64 |
| Red Hat | rhacm2/console-rhel8@sha256:330bef97ec2fd08120c8ab6ecf37f610c54508de4039580d190d2e39f36ed593_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/console-rhel8@sha256:330bef97ec2fd08120c8ab6ecf37f610c54508de4039580d190d2e39f36ed593_arm64, rhacm2/console-rhel8@sha256:330bef97ec2fd08120c8ab6ecf37f610c54508de4039580d190d2e39f36ed593_arm64, rhacm2/console-rhel8@sha256:330bef97ec2fd08120c8ab6ecf37f610c54508de4039580d190d2e39f36ed593_arm64 |
| Red Hat | rhacm2/prometheus-rhel8@sha256:d2ee55ce41cfac3e2bfb5289dfa137daa0bb233e85f4c95753a990c19c063aac_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/prometheus-rhel8@sha256:d2ee55ce41cfac3e2bfb5289dfa137daa0bb233e85f4c95753a990c19c063aac_s390x, *, * |
| Red Hat | rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:090b956117100f60b255089f2a2db4227061eea6eee602a5f8ad3f92f7b151fb_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:090b956117100f60b255089f2a2db4227061eea6eee602a5f8ad3f92f7b151fb_ppc64le, rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:090b956117100f60b255089f2a2db4227061eea6eee602a5f8ad3f92f7b151fb_ppc64le, rhacm2/acm-governance-policy-framework-addon-rhel8@sha256:090b956117100f60b255089f2a2db4227061eea6eee602a5f8ad3f92f7b151fb_ppc64le |
| Red Hat | rhacm2/governance-policy-propagator-rhel8@sha256:3a0e1522f12cb4b8f438a655c96178ab566b0fa2d984b9fc48d3b0ac25ef8476_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | *, *, * |
| Red Hat | rhacm2/console-rhel8@sha256:330bef97ec2fd08120c8ab6ecf37f610c54508de4039580d190d2e39f36ed593_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | *, rhacm2/console-rhel8@sha256:330bef97ec2fd08120c8ab6ecf37f610c54508de4039580d190d2e39f36ed593_arm64, * |
| Red Hat | rhacm2/memcached-exporter-rhel8@sha256:30d4067ee4778f18074e1359b71cb2fd5988e7a2292ef69f77142366504af83a_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | *, *, * |
| Red Hat | rhacm2/multiclusterhub-rhel8@sha256:c0961edbc751ff32fcdc29712b55f16d3d016a28af544982a527591adf825f64_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/multiclusterhub-rhel8@sha256:c0961edbc751ff32fcdc29712b55f16d3d016a28af544982a527591adf825f64_amd64, *, rhacm2/multiclusterhub-rhel8@sha256:c0961edbc751ff32fcdc29712b55f16d3d016a28af544982a527591adf825f64_amd64 |
| Red Hat | rhacm2/klusterlet-addon-controller-rhel8@sha256:7fb8f7422a12f2763f64efddd07939007b1c13a71cfd9c1063b8ce392275155c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/klusterlet-addon-controller-rhel8@sha256:7fb8f7422a12f2763f64efddd07939007b1c13a71cfd9c1063b8ce392275155c_amd64, *, * |
| Red Hat | rhacm2/cluster-backup-rhel8-operator@sha256:eeb95c744bc87ad7e5224e5ee3f3d331aae74c9f87011eab541a4612a348a344_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/cluster-backup-rhel8-operator@sha256:eeb95c744bc87ad7e5224e5ee3f3d331aae74c9f87011eab541a4612a348a344_ppc64le, *, * |
| Red Hat | rhacm2/submariner-addon-rhel8@sha256:85b3f75f2ba2ebc855f2bc1ea84d4bdc753dd9fa432da39ed1c0fd00aa49f581_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/submariner-addon-rhel8@sha256:85b3f75f2ba2ebc855f2bc1ea84d4bdc753dd9fa432da39ed1c0fd00aa49f581_ppc64le, *, rhacm2/submariner-addon-rhel8@sha256:85b3f75f2ba2ebc855f2bc1ea84d4bdc753dd9fa432da39ed1c0fd00aa49f581_ppc64le |
| Red Hat | rhacm2/submariner-addon-rhel8@sha256:1db468130747bfb694517f12d07d06e54ef5c1d09c1b8c6fbd4284ac1483268b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/submariner-addon-rhel8@sha256:1db468130747bfb694517f12d07d06e54ef5c1d09c1b8c6fbd4284ac1483268b_arm64, rhacm2/submariner-addon-rhel8@sha256:1db468130747bfb694517f12d07d06e54ef5c1d09c1b8c6fbd4284ac1483268b_arm64, rhacm2/submariner-addon-rhel8@sha256:1db468130747bfb694517f12d07d06e54ef5c1d09c1b8c6fbd4284ac1483268b_arm64 |
| Red Hat | rhacm2/insights-client-rhel8@sha256:f7897dd861244d7af1d5cb165286f1cc08c5d8ee5b42dec941746270331735e4_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/insights-client-rhel8@sha256:f7897dd861244d7af1d5cb165286f1cc08c5d8ee5b42dec941746270331735e4_s390x, rhacm2/insights-client-rhel8@sha256:f7897dd861244d7af1d5cb165286f1cc08c5d8ee5b42dec941746270331735e4_s390x, rhacm2/insights-client-rhel8@sha256:f7897dd861244d7af1d5cb165286f1cc08c5d8ee5b42dec941746270331735e4_s390x |
| Red Hat | rhacm2/observatorium-rhel8-operator@sha256:779e37d58c648a531245073e1976e38f596a21899ecc6807358269a2d29fa2de_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/observatorium-rhel8-operator@sha256:779e37d58c648a531245073e1976e38f596a21899ecc6807358269a2d29fa2de_ppc64le, rhacm2/observatorium-rhel8-operator@sha256:779e37d58c648a531245073e1976e38f596a21899ecc6807358269a2d29fa2de_ppc64le, rhacm2/observatorium-rhel8-operator@sha256:779e37d58c648a531245073e1976e38f596a21899ecc6807358269a2d29fa2de_ppc64le |
| Red Hat | rhacm2/thanos-receive-controller-rhel8@sha256:a6abc03fdf5a59c649b49b9b185df9332d2537c5c6ad26be3f072d80ec92d1eb_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/thanos-receive-controller-rhel8@sha256:a6abc03fdf5a59c649b49b9b185df9332d2537c5c6ad26be3f072d80ec92d1eb_ppc64le, rhacm2/thanos-receive-controller-rhel8@sha256:a6abc03fdf5a59c649b49b9b185df9332d2537c5c6ad26be3f072d80ec92d1eb_ppc64le, * |
| Red Hat | rhacm2/multicluster-operators-subscription-rhel8@sha256:a35f82ea05d43e37ef83731b7d215f96be70ef72a5f2fe0c48a97965e4b44815_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/multicluster-operators-subscription-rhel8@sha256:a35f82ea05d43e37ef83731b7d215f96be70ef72a5f2fe0c48a97965e4b44815_s390x, *, * |
| Red Hat | rhacm2/console-rhel8@sha256:5bda05516d3acc85a22b8bbf51c724cecef0c79b45dedfd7149f88534c76bc30_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8 | rhacm2/console-rhel8@sha256:5bda05516d3acc85a22b8bbf51c724cecef0c79b45dedfd7149f88534c76bc30_s390x, rhacm2/console-rhel8@sha256:5bda05516d3acc85a22b8bbf51c724cecef0c79b45dedfd7149f88534c76bc30_s390x, rhacm2/console-rhel8@sha256:5bda05516d3acc85a22b8bbf51c724cecef0c79b45dedfd7149f88534c76bc30_s390x |
…and 331 more
Timeline
- Jun 4, 2025 CVE Published
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- May 28, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2025:8392 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.9/html/release_notes/ advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2354195 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8392.json advisory
- https://access.redhat.com/security/cve/CVE-2025-30204 advisory
- https://www.cve.org/CVERecord?id=CVE-2025-30204 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-30204 advisory
- https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3 advisory
- https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp advisory
- https://pkg.go.dev/vuln/GO-2025-3553 advisory