9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.106 Low
EPSS
Percentile
95.0%
Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments. Clusters and applications are all visible and
managed from a single console—with security policy built in.
This advisory contains the container images for Red Hat Advanced Cluster
Management for Kubernetes, which fix security issues and several bugs. See the following Release Notes documentation, which will be updated shortly for this
release, for additional details about this release:
Security fixes:
CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS
CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add
CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header
CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions
CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip
CVE-2022-30630 golang: io/fs: stack exhaustion in Glob
CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob
CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal
CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode
CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working
Bug fixes:
assisted-service repo pin-latest.py script should allow custom tags to be pinned (BZ# 2065661)
assisted-service-build image is too big in size (BZ# 2066059)
assisted-service pin-latest.py script should exclude the postgres image (BZ# 2076901)
PXE artifacts need to be served via HTTP (BZ# 2078531)
Implementing new service-agent protocol on agent side (BZ# 2081281)
RHACM 2.6.0 images (BZ# 2090906)
Assisted service POD keeps crashing after a bare metal host is created (BZ# 2093503)
Assisted service triggers the worker nodes re-provisioning on the hub cluster when the converged flow is enabled (BZ# 2096106)
Fix assisted CI jobs that fail for cluster-info readiness (BZ# 2097696)
Nodes are required to have installation disks of at least 120GB instead of at minimum of 100GB (BZ# 2099277)
The pre-selected search keyword is not readable (BZ# 2107736)
The value of label expressions in the new placement for policy and policysets cannot be shown real-time from UI (BZ# 2111843)
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.106 Low
EPSS
Percentile
95.0%