RHSA-2022:1715: Moderate: Red Hat Advanced Cluster Management 2.3.10 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.3.10 imagesRed Hat Advanced Cluster Management for Kubernetes provides thecapabilities to address common challenges that administrators and sitereliability engineers face as they work across a range of public andprivate cloud environments. Clusters and applications are all visible andmanaged from a single console—with security policy built in.This advisory contains the container images for Red Hat Advanced ClusterManagement for Kubernetes, which fix several bugs. See the followingRelease Notes documentation, which will be updated shortly for thisrelease, for additional details about this release:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/ Security updates: Follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155) Node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235) Follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536) Urijs: Authorization Bypass Through User-Controlled Key (CVE-2022-0613) Urijs: Leading white space bypasses protocol validation (CVE-2022-24723) Nconf: Prototype pollution in memory store (CVE-2022-21803) Moment.js: Path traversal in moment.locale (CVE-2022-24785) Bug fixes: RHACM 2.3.10 images