RHSA-2022:0735HighCVSS 9.8

Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.2 security updates and bug fixes

Published
March 3, 2022
Last Modified
June 30, 2026

🔗 CVE IDs covered (8)

📋 Description

CVE-2021-3807 — nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes CVE-2021-3918 — nodejs-json-schema: Prototype pollution vulnerability CVE-2021-22963 — fastify-static: open redirect via an URL with double slash followed by a domain CVE-2021-43565 — golang.org/x/crypto: empty plaintext packet causes panic CVE-2021-43816 — containerd: Unprivileged pod may bind mount any privileged regular file on disk CVE-2021-43858 — minio: user privilege escalation in AddUser() admin API CVE-2022-0235 — node-fetch: exposure of sensitive information to an unauthorized actor CVE-2022-24450 — nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account

🔗 References (30)