RHSA-2022:5201MediumCVSS 8.8
Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.5 security updates and bug fixes
🔗 CVE IDs covered (8)
📋 Description
CVE-2021-43565 — golang.org/x/crypto: empty plaintext packet causes panic CVE-2022-21803 — nconf: Prototype pollution in memory store CVE-2022-23806 — golang: crypto/elliptic: IsOnCurve returns true for invalid field elements CVE-2022-24450 — nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account CVE-2022-24785 — Moment.js: Path traversal in moment.locale CVE-2022-25645 — dset: Prototype Pollution in dset CVE-2022-29526 — golang: syscall: faccessat checks wrong group CVE-2022-29810 — go-getter: writes SSH credentials into logfile, exposing sensitive credentials to local uses
🔗 References (28)
- selfhttps://access.redhat.com/errata/RHSA-2022:5201
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1937078
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2030787
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2051752
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2052573
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2052702
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2053429
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2054954
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2059822
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2065318
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2072009
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2073562
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2074689
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2075594
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2075675
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2075724
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2079906
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2080279
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2080713
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2080716
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2080847
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2080960
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2081438
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2081908
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2084085
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2094109
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5201.json