RHSA-2022:5201MediumCVSS 8.8

Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.5 security updates and bug fixes

Published
June 27, 2022
Last Modified
June 30, 2026

🔗 CVE IDs covered (8)

📋 Description

CVE-2021-43565 — golang.org/x/crypto: empty plaintext packet causes panic CVE-2022-21803 — nconf: Prototype pollution in memory store CVE-2022-23806 — golang: crypto/elliptic: IsOnCurve returns true for invalid field elements CVE-2022-24450 — nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account CVE-2022-24785 — Moment.js: Path traversal in moment.locale CVE-2022-25645 — dset: Prototype Pollution in dset CVE-2022-29526 — golang: syscall: faccessat checks wrong group CVE-2022-29810 — go-getter: writes SSH credentials into logfile, exposing sensitive credentials to local uses

🔗 References (28)