Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.2 security updates and bug fixes
🔗 CVE IDs covered (8)
📋 Description
CVE-2021-3807 — nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes CVE-2021-3918 — nodejs-json-schema: Prototype pollution vulnerability CVE-2021-22963 — fastify-static: open redirect via an URL with double slash followed by a domain CVE-2021-43565 — golang.org/x/crypto: empty plaintext packet causes panic CVE-2021-43816 — containerd: Unprivileged pod may bind mount any privileged regular file on disk CVE-2021-43858 — minio: user privilege escalation in AddUser() admin API CVE-2022-0235 — node-fetch: exposure of sensitive information to an unauthorized actor CVE-2022-24450 — nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account
🔗 References (30)
- selfhttps://access.redhat.com/errata/RHSA-2022:0735
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2001668
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2007557
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2008592
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2012909
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2015152
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2023448
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2024702
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2028100
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2028196
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2028931
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2029506
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030005
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030379
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030787
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2032957
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2034198
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2036057
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2036252
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2039378
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2041015
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2042545
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2043519
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2044434
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2044591
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2050847
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2051797
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2052573
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0735.json