Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.4 security updates and bug fixes
🔗 CVE IDs covered (14)
📋 Description
CVE-2021-23555 — vm2: vulnerable to Sandbox Bypass
CVE-2021-43565 — golang.org/x/crypto: empty plaintext packet causes panic
CVE-2022-0155 — follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor
CVE-2022-0235 — node-fetch: exposure of sensitive information to an unauthorized actor
CVE-2022-0536 — follow-redirects: Exposure of Sensitive Information via Authorization Header leak
CVE-2022-0613 — urijs: Authorization Bypass Through User-Controlled Key
CVE-2022-1365 — cross-fetch: Exposure of Private Personal Information to an Unauthorized Actor
CVE-2022-21803 — nconf: Prototype pollution in memory store
CVE-2022-24450 — nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account
CVE-2022-24723 — urijs: Leading white space bypasses protocol validation
CVE-2022-24771 — node-forge: Signature verification leniency in checking digestAlgorithm structure can lead to signature forgery
CVE-2022-24772 — node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery
CVE-2022-24773 — node-forge: Signature verification leniency in checking DigestInfo structure
CVE-2022-24785 — Moment.js: Path traversal in moment.locale
🔗 References (27)
- self: https://access.redhat.com/errata/RHSA-2022:1681
- external: https://access.redhat.com/security/updates/classification/#moderate
- external: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/index
- external: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing
- external: https://bugzilla.redhat.com/show_bug.cgi?id=1995380
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2008583
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2030787
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2038250
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2044556
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2044591
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2052573
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2053259
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2053308
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2054114
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2055496
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2057761
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2058295
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2061958
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2062370
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2067387
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2067458
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2067461
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2072009
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2074689
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2076133
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2077548
- self: https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1681.json