node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7 https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10
Upstream PR: https://github.com/node-fetch/node-fetch/pull/1449 Upstream fix: https://github.com/node-fetch/node-fetch/commit/f5d3cf5e2579cb8f4c76c291871e69696aef8f80
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8 Via RHSA-2022:0735 https://access.redhat.com/errata/RHSA-2022:0735
Created cockpit-composer tracking bugs for this issue: Affects: fedora-all [bug 2061809] Created couchdb tracking bugs for this issue: Affects: fedora-all [bug 2061810] Created dotnet3.1 tracking bugs for this issue: Affects: fedora-all [bug 2061811] Created golang-github-apache-beam-2 tracking bugs for this issue: Affects: fedora-all [bug 2061812] Created golang-github-brocaar-chirpstack-api tracking bugs for this issue: Affects: fedora-all [bug 2061813] Created golang-github-cockroachdb-cockroach tracking bugs for this issue: Affects: fedora-all [bug 2061814] Created golang-github-hashicorp-consul-api tracking bugs for this issue: Affects: fedora-all [bug 2061815] Created golang-github-hashicorp-consul-sdk tracking bugs for this issue: Affects: fedora-all [bug 2061816] Created golang-github-prometheus tracking bugs for this issue: Affects: epel-all [bug 2061806] Created grafana tracking bugs for this issue: Affects: fedora-all [bug 2061817] Created grpc tracking bugs for this issue: Affects: fedora-all [bug 2061818] Created icecat tracking bugs for this issue: Affects: fedora-all [bug 2061819] Created mozjs68 tracking bugs for this issue: Affects: fedora-all [bug 2061820] Created mozjs78 tracking bugs for this issue: Affects: fedora-all [bug 2061821] Created nodejs:10/nodejs tracking bugs for this issue: Affects: fedora-all [bug 2061822] Created nodejs:12/nodejs tracking bugs for this issue: Affects: fedora-all [bug 2061823] Created nodejs:13/nodejs tracking bugs for this issue: Affects: epel-all [bug 2061807] Created nodejs:14/nodejs tracking bugs for this issue: Affects: fedora-all [bug 2061824] Created openvas-gsa tracking bugs for this issue: Affects: fedora-all [bug 2061825] Created pack tracking bugs for this issue: Affects: fedora-all [bug 2061826] Created python-drf-yasg tracking bugs for this issue: Affects: epel-all [bug 2061808] Affects: fedora-all [bug 2061827] Created rust tracking bugs for this issue: Affects: fedora-all [bug 2061828] Created thunderbird tracking bugs for this issue: Affects: fedora-all [bug 2061829] Created vagrant tracking bugs for this issue: Affects: fedora-all [bug 2061830] Created zuul tracking bugs for this issue: Affects: fedora-all [bug 2061831]
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 7 Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8 Via RHSA-2022:1083 https://access.redhat.com/errata/RHSA-2022:1083
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8 Via RHSA-2022:1476 https://access.redhat.com/errata/RHSA-2022:1476
*** Bug 2048424 has been marked as a duplicate of this bug. ***
*** Bug 2079047 has been marked as a duplicate of this bug. ***
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8 Via RHSA-2022:1681 https://access.redhat.com/errata/RHSA-2022:1681
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 7 Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8 Via RHSA-2022:1715 https://access.redhat.com/errata/RHSA-2022:1715
This issue has been addressed in the following products: OpenShift Service Mesh 2.1 Via RHSA-2022:1739 https://access.redhat.com/errata/RHSA-2022:1739
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.5 for RHEL 8 Via RHSA-2022:4956 https://access.redhat.com/errata/RHSA-2022:4956
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8 Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 7 Via RHSA-2022:5392 https://access.redhat.com/errata/RHSA-2022:5392
This issue has been addressed in the following products: Red Hat Migration Toolkit for Containers 1.7 Via RHSA-2022:5483 https://access.redhat.com/errata/RHSA-2022:5483
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2022:5069 https://access.redhat.com/errata/RHSA-2022:5069
This issue has been addressed in the following products: Red Hat OpenShift Data Foundation 4.11 on RHEL8 Via RHSA-2022:6156 https://access.redhat.com/errata/RHSA-2022:6156
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-0235
This issue has been addressed in the following products: RHPAM 7.13.1 async Via RHSA-2022:6813 https://access.redhat.com/errata/RHSA-2022:6813
This issue has been addressed in the following products: RHINT Service Registry 2.3.0 GA Via RHSA-2022:6835 https://access.redhat.com/errata/RHSA-2022:6835
This issue has been addressed in the following products: Red Hat Data Grid 8.4.0 Via RHSA-2022:8524 https://access.redhat.com/errata/RHSA-2022:8524
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:0050 https://access.redhat.com/errata/RHSA-2023:0050
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2023:0612 https://access.redhat.com/errata/RHSA-2023:0612
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:1742 https://access.redhat.com/errata/RHSA-2023:1742