rhsa-2021_2532
Vulnerability from csaf_redhat
Published
2021-06-23 15:37
Modified
2024-11-22 16:37
Summary
Red Hat Security Advisory: Red Hat OpenShift Jaeger 1.17.9 security update
Notes
Topic
An update is now available for Red Hat OpenShift Jaeger 1.17.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project,
tailored for installation into an on-premise OpenShift Container Platform
installation.
Security Fix(es):
* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)
* golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat OpenShift Jaeger 1.17.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Jaeger is Red Hat\u0027s distribution of the Jaeger project,\ntailored for installation into an on-premise OpenShift Container Platform\ninstallation.\n\nSecurity Fix(es):\n\n* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)\n\n* golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2532", "url": "https://access.redhat.com/errata/RHSA-2021:2532" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1897635", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1897635" }, { "category": "external", "summary": "1918750", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918750" }, { "category": "external", "summary": "TRACING-1725", "url": "https://issues.redhat.com/browse/TRACING-1725" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2532.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Jaeger 1.17.9 security update", "tracking": { "current_release_date": "2024-11-22T16:37:54+00:00", "generator": { "date": "2024-11-22T16:37:54+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:2532", "initial_release_date": "2021-06-23T15:37:37+00:00", "revision_history": [ { "date": "2021-06-23T15:37:37+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-06-23T15:37:37+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T16:37:54+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Jaeger 1.17", "product": { "name": "Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17", "product_identification_helper": { "cpe": "cpe:/a:redhat:jaeger:1.17::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Jaeger" }, { "branches": [ { "category": "product_version", "name": "distributed-tracing/jaeger-agent-rhel8@sha256:9d96dd8c0db9924a2b8e33d787cdbfe87f3c85f0d873b306ea443d719c3af55c_s390x", "product": { "name": "distributed-tracing/jaeger-agent-rhel8@sha256:9d96dd8c0db9924a2b8e33d787cdbfe87f3c85f0d873b306ea443d719c3af55c_s390x", "product_id": "distributed-tracing/jaeger-agent-rhel8@sha256:9d96dd8c0db9924a2b8e33d787cdbfe87f3c85f0d873b306ea443d719c3af55c_s390x", "product_identification_helper": { "purl": "pkg:oci/jaeger-agent-rhel8@sha256:9d96dd8c0db9924a2b8e33d787cdbfe87f3c85f0d873b306ea443d719c3af55c?arch=s390x\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-agent-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:b585c3a9b824de0f51789a8fecf4a2f7bf9e168b6a3573250bf69d9f782b9bed_s390x", "product": { "name": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:b585c3a9b824de0f51789a8fecf4a2f7bf9e168b6a3573250bf69d9f782b9bed_s390x", "product_id": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:b585c3a9b824de0f51789a8fecf4a2f7bf9e168b6a3573250bf69d9f782b9bed_s390x", "product_identification_helper": { "purl": "pkg:oci/jaeger-all-in-one-rhel8@sha256:b585c3a9b824de0f51789a8fecf4a2f7bf9e168b6a3573250bf69d9f782b9bed?arch=s390x\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-all-in-one-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-collector-rhel8@sha256:c17fb6a021f391948c0725f0a839684538f57805393f2123732db08fe5c32009_s390x", "product": { "name": "distributed-tracing/jaeger-collector-rhel8@sha256:c17fb6a021f391948c0725f0a839684538f57805393f2123732db08fe5c32009_s390x", "product_id": "distributed-tracing/jaeger-collector-rhel8@sha256:c17fb6a021f391948c0725f0a839684538f57805393f2123732db08fe5c32009_s390x", "product_identification_helper": { "purl": "pkg:oci/jaeger-collector-rhel8@sha256:c17fb6a021f391948c0725f0a839684538f57805393f2123732db08fe5c32009?arch=s390x\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-collector-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:51c654d56bf087cb262d331857ca22fd25c4caea97d19e2f7492188303b0c952_s390x", "product": { "name": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:51c654d56bf087cb262d331857ca22fd25c4caea97d19e2f7492188303b0c952_s390x", "product_id": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:51c654d56bf087cb262d331857ca22fd25c4caea97d19e2f7492188303b0c952_s390x", "product_identification_helper": { "purl": "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:51c654d56bf087cb262d331857ca22fd25c4caea97d19e2f7492188303b0c952?arch=s390x\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-es-index-cleaner-rhel8\u0026tag=1.17.9-5" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:873fb90564825ff2d3f5881d6db14efb40f9195bee5908e35cf1352c8acc87a9_s390x", "product": { "name": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:873fb90564825ff2d3f5881d6db14efb40f9195bee5908e35cf1352c8acc87a9_s390x", "product_id": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:873fb90564825ff2d3f5881d6db14efb40f9195bee5908e35cf1352c8acc87a9_s390x", "product_identification_helper": { "purl": "pkg:oci/jaeger-es-rollover-rhel8@sha256:873fb90564825ff2d3f5881d6db14efb40f9195bee5908e35cf1352c8acc87a9?arch=s390x\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-es-rollover-rhel8\u0026tag=1.17.9-4" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-ingester-rhel8@sha256:582ff08b5c186cdc27b1d5a340c66a841b3ff10f5ee669f9135e5b9f0303d551_s390x", "product": { "name": "distributed-tracing/jaeger-ingester-rhel8@sha256:582ff08b5c186cdc27b1d5a340c66a841b3ff10f5ee669f9135e5b9f0303d551_s390x", "product_id": "distributed-tracing/jaeger-ingester-rhel8@sha256:582ff08b5c186cdc27b1d5a340c66a841b3ff10f5ee669f9135e5b9f0303d551_s390x", "product_identification_helper": { "purl": "pkg:oci/jaeger-ingester-rhel8@sha256:582ff08b5c186cdc27b1d5a340c66a841b3ff10f5ee669f9135e5b9f0303d551?arch=s390x\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-ingester-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-query-rhel8@sha256:0cc5eae19cab7732b61418212ce3564e948769240f9d2a4bcaa127afd986f968_s390x", "product": { "name": "distributed-tracing/jaeger-query-rhel8@sha256:0cc5eae19cab7732b61418212ce3564e948769240f9d2a4bcaa127afd986f968_s390x", "product_id": "distributed-tracing/jaeger-query-rhel8@sha256:0cc5eae19cab7732b61418212ce3564e948769240f9d2a4bcaa127afd986f968_s390x", "product_identification_helper": { "purl": "pkg:oci/jaeger-query-rhel8@sha256:0cc5eae19cab7732b61418212ce3564e948769240f9d2a4bcaa127afd986f968?arch=s390x\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-query-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-rhel8-operator@sha256:7df80c3aa4d769c1e57c4b33503a5fb806d0f79fc31f6351e17da5d97306c243_s390x", "product": { "name": "distributed-tracing/jaeger-rhel8-operator@sha256:7df80c3aa4d769c1e57c4b33503a5fb806d0f79fc31f6351e17da5d97306c243_s390x", "product_id": "distributed-tracing/jaeger-rhel8-operator@sha256:7df80c3aa4d769c1e57c4b33503a5fb806d0f79fc31f6351e17da5d97306c243_s390x", "product_identification_helper": { "purl": "pkg:oci/jaeger-rhel8-operator@sha256:7df80c3aa4d769c1e57c4b33503a5fb806d0f79fc31f6351e17da5d97306c243?arch=s390x\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-rhel8-operator\u0026tag=1.17.9-7" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "distributed-tracing/jaeger-agent-rhel8@sha256:5230c70692537b4da57bb1ac5bc80810bdef4081f2e739172ed71f8368856afb_amd64", "product": { "name": "distributed-tracing/jaeger-agent-rhel8@sha256:5230c70692537b4da57bb1ac5bc80810bdef4081f2e739172ed71f8368856afb_amd64", "product_id": "distributed-tracing/jaeger-agent-rhel8@sha256:5230c70692537b4da57bb1ac5bc80810bdef4081f2e739172ed71f8368856afb_amd64", "product_identification_helper": { "purl": "pkg:oci/jaeger-agent-rhel8@sha256:5230c70692537b4da57bb1ac5bc80810bdef4081f2e739172ed71f8368856afb?arch=amd64\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-agent-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:5327967e9f5e5d75c79e89fee1bc3f59873efd70b8c19202e74d2a460008defe_amd64", "product": { "name": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:5327967e9f5e5d75c79e89fee1bc3f59873efd70b8c19202e74d2a460008defe_amd64", "product_id": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:5327967e9f5e5d75c79e89fee1bc3f59873efd70b8c19202e74d2a460008defe_amd64", "product_identification_helper": { "purl": "pkg:oci/jaeger-all-in-one-rhel8@sha256:5327967e9f5e5d75c79e89fee1bc3f59873efd70b8c19202e74d2a460008defe?arch=amd64\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-all-in-one-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-collector-rhel8@sha256:db34eb04544e03eb56bf606c95d19f79bbd7ec56bd8c500b49fa448718202c9c_amd64", "product": { "name": "distributed-tracing/jaeger-collector-rhel8@sha256:db34eb04544e03eb56bf606c95d19f79bbd7ec56bd8c500b49fa448718202c9c_amd64", "product_id": "distributed-tracing/jaeger-collector-rhel8@sha256:db34eb04544e03eb56bf606c95d19f79bbd7ec56bd8c500b49fa448718202c9c_amd64", "product_identification_helper": { "purl": "pkg:oci/jaeger-collector-rhel8@sha256:db34eb04544e03eb56bf606c95d19f79bbd7ec56bd8c500b49fa448718202c9c?arch=amd64\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-collector-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:bbc2a4caa4458377ed2de14841178707da55589383e090b54c2b13c6a110bc81_amd64", "product": { "name": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:bbc2a4caa4458377ed2de14841178707da55589383e090b54c2b13c6a110bc81_amd64", "product_id": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:bbc2a4caa4458377ed2de14841178707da55589383e090b54c2b13c6a110bc81_amd64", "product_identification_helper": { "purl": "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:bbc2a4caa4458377ed2de14841178707da55589383e090b54c2b13c6a110bc81?arch=amd64\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-es-index-cleaner-rhel8\u0026tag=1.17.9-5" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:9c4bc759b3194d5d93448efff4a7b1e60d077e49f1a2a7452da263e46813a35a_amd64", "product": { "name": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:9c4bc759b3194d5d93448efff4a7b1e60d077e49f1a2a7452da263e46813a35a_amd64", "product_id": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:9c4bc759b3194d5d93448efff4a7b1e60d077e49f1a2a7452da263e46813a35a_amd64", "product_identification_helper": { "purl": "pkg:oci/jaeger-es-rollover-rhel8@sha256:9c4bc759b3194d5d93448efff4a7b1e60d077e49f1a2a7452da263e46813a35a?arch=amd64\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-es-rollover-rhel8\u0026tag=1.17.9-4" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-ingester-rhel8@sha256:81a58e46655d527624cbbba483639e76c21e819e4bf5c65a565d45af79c1832c_amd64", "product": { "name": "distributed-tracing/jaeger-ingester-rhel8@sha256:81a58e46655d527624cbbba483639e76c21e819e4bf5c65a565d45af79c1832c_amd64", "product_id": "distributed-tracing/jaeger-ingester-rhel8@sha256:81a58e46655d527624cbbba483639e76c21e819e4bf5c65a565d45af79c1832c_amd64", "product_identification_helper": { "purl": "pkg:oci/jaeger-ingester-rhel8@sha256:81a58e46655d527624cbbba483639e76c21e819e4bf5c65a565d45af79c1832c?arch=amd64\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-ingester-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-query-rhel8@sha256:4c5ac9c1f7833ad630f2d5154100234e762c9e5d6f0118b17bb2efceb1d8a625_amd64", "product": { "name": "distributed-tracing/jaeger-query-rhel8@sha256:4c5ac9c1f7833ad630f2d5154100234e762c9e5d6f0118b17bb2efceb1d8a625_amd64", "product_id": "distributed-tracing/jaeger-query-rhel8@sha256:4c5ac9c1f7833ad630f2d5154100234e762c9e5d6f0118b17bb2efceb1d8a625_amd64", "product_identification_helper": { "purl": "pkg:oci/jaeger-query-rhel8@sha256:4c5ac9c1f7833ad630f2d5154100234e762c9e5d6f0118b17bb2efceb1d8a625?arch=amd64\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-query-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-rhel8-operator@sha256:57c5dd6f4bb187b4c96b482f6fda7f15d2110126c8f15430b46c2b4489a78384_amd64", "product": { "name": "distributed-tracing/jaeger-rhel8-operator@sha256:57c5dd6f4bb187b4c96b482f6fda7f15d2110126c8f15430b46c2b4489a78384_amd64", "product_id": "distributed-tracing/jaeger-rhel8-operator@sha256:57c5dd6f4bb187b4c96b482f6fda7f15d2110126c8f15430b46c2b4489a78384_amd64", "product_identification_helper": { "purl": "pkg:oci/jaeger-rhel8-operator@sha256:57c5dd6f4bb187b4c96b482f6fda7f15d2110126c8f15430b46c2b4489a78384?arch=amd64\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-rhel8-operator\u0026tag=1.17.9-7" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "distributed-tracing/jaeger-agent-rhel8@sha256:83c39c6a9af8bc7a78c1f5015d8f3f98e4901f5e013e0e6c39611f96c10c005a_ppc64le", "product": { "name": "distributed-tracing/jaeger-agent-rhel8@sha256:83c39c6a9af8bc7a78c1f5015d8f3f98e4901f5e013e0e6c39611f96c10c005a_ppc64le", "product_id": "distributed-tracing/jaeger-agent-rhel8@sha256:83c39c6a9af8bc7a78c1f5015d8f3f98e4901f5e013e0e6c39611f96c10c005a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/jaeger-agent-rhel8@sha256:83c39c6a9af8bc7a78c1f5015d8f3f98e4901f5e013e0e6c39611f96c10c005a?arch=ppc64le\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-agent-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:acb62df32ace2fd13bd5ce9874760d95d567d91bb110b26b19c596fb7d86fef1_ppc64le", "product": { "name": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:acb62df32ace2fd13bd5ce9874760d95d567d91bb110b26b19c596fb7d86fef1_ppc64le", "product_id": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:acb62df32ace2fd13bd5ce9874760d95d567d91bb110b26b19c596fb7d86fef1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/jaeger-all-in-one-rhel8@sha256:acb62df32ace2fd13bd5ce9874760d95d567d91bb110b26b19c596fb7d86fef1?arch=ppc64le\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-all-in-one-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-collector-rhel8@sha256:324d5c7182e1edce237c884164ca5a5ad8766591ff1c6cc6613aa6b7ebb2646b_ppc64le", "product": { "name": "distributed-tracing/jaeger-collector-rhel8@sha256:324d5c7182e1edce237c884164ca5a5ad8766591ff1c6cc6613aa6b7ebb2646b_ppc64le", "product_id": "distributed-tracing/jaeger-collector-rhel8@sha256:324d5c7182e1edce237c884164ca5a5ad8766591ff1c6cc6613aa6b7ebb2646b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/jaeger-collector-rhel8@sha256:324d5c7182e1edce237c884164ca5a5ad8766591ff1c6cc6613aa6b7ebb2646b?arch=ppc64le\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-collector-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:9ea14402c0626a90c5e2d4916d8aad2363e5bc9537ffa19bab940a8a49290217_ppc64le", "product": { "name": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:9ea14402c0626a90c5e2d4916d8aad2363e5bc9537ffa19bab940a8a49290217_ppc64le", "product_id": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:9ea14402c0626a90c5e2d4916d8aad2363e5bc9537ffa19bab940a8a49290217_ppc64le", "product_identification_helper": { "purl": "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:9ea14402c0626a90c5e2d4916d8aad2363e5bc9537ffa19bab940a8a49290217?arch=ppc64le\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-es-index-cleaner-rhel8\u0026tag=1.17.9-5" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:68a13a7b385494c25e6af73f6b6b555c026f3f06566b935f97f8efd9a76c6449_ppc64le", "product": { "name": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:68a13a7b385494c25e6af73f6b6b555c026f3f06566b935f97f8efd9a76c6449_ppc64le", "product_id": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:68a13a7b385494c25e6af73f6b6b555c026f3f06566b935f97f8efd9a76c6449_ppc64le", "product_identification_helper": { "purl": "pkg:oci/jaeger-es-rollover-rhel8@sha256:68a13a7b385494c25e6af73f6b6b555c026f3f06566b935f97f8efd9a76c6449?arch=ppc64le\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-es-rollover-rhel8\u0026tag=1.17.9-4" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-ingester-rhel8@sha256:cf51d733170ac61077cea0b2a7970d92cc077d4ea731c7a9493af9665fd3cd5f_ppc64le", "product": { "name": "distributed-tracing/jaeger-ingester-rhel8@sha256:cf51d733170ac61077cea0b2a7970d92cc077d4ea731c7a9493af9665fd3cd5f_ppc64le", "product_id": "distributed-tracing/jaeger-ingester-rhel8@sha256:cf51d733170ac61077cea0b2a7970d92cc077d4ea731c7a9493af9665fd3cd5f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/jaeger-ingester-rhel8@sha256:cf51d733170ac61077cea0b2a7970d92cc077d4ea731c7a9493af9665fd3cd5f?arch=ppc64le\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-ingester-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-query-rhel8@sha256:1c5f7c95cda7e7220c158cb254ba24ad9a358caf364533cfeb6cfd02504a64bf_ppc64le", "product": { "name": "distributed-tracing/jaeger-query-rhel8@sha256:1c5f7c95cda7e7220c158cb254ba24ad9a358caf364533cfeb6cfd02504a64bf_ppc64le", "product_id": "distributed-tracing/jaeger-query-rhel8@sha256:1c5f7c95cda7e7220c158cb254ba24ad9a358caf364533cfeb6cfd02504a64bf_ppc64le", "product_identification_helper": { "purl": "pkg:oci/jaeger-query-rhel8@sha256:1c5f7c95cda7e7220c158cb254ba24ad9a358caf364533cfeb6cfd02504a64bf?arch=ppc64le\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-query-rhel8\u0026tag=1.17.9-7" } } }, { "category": "product_version", "name": "distributed-tracing/jaeger-rhel8-operator@sha256:5c284ed14cc4cb17f075c28790fb295046cb212e35647390d0bfa00a63522146_ppc64le", "product": { "name": "distributed-tracing/jaeger-rhel8-operator@sha256:5c284ed14cc4cb17f075c28790fb295046cb212e35647390d0bfa00a63522146_ppc64le", "product_id": "distributed-tracing/jaeger-rhel8-operator@sha256:5c284ed14cc4cb17f075c28790fb295046cb212e35647390d0bfa00a63522146_ppc64le", "product_identification_helper": { "purl": "pkg:oci/jaeger-rhel8-operator@sha256:5c284ed14cc4cb17f075c28790fb295046cb212e35647390d0bfa00a63522146?arch=ppc64le\u0026repository_url=registry.redhat.io/distributed-tracing/jaeger-rhel8-operator\u0026tag=1.17.9-7" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-agent-rhel8@sha256:5230c70692537b4da57bb1ac5bc80810bdef4081f2e739172ed71f8368856afb_amd64 as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:5230c70692537b4da57bb1ac5bc80810bdef4081f2e739172ed71f8368856afb_amd64" }, "product_reference": "distributed-tracing/jaeger-agent-rhel8@sha256:5230c70692537b4da57bb1ac5bc80810bdef4081f2e739172ed71f8368856afb_amd64", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-agent-rhel8@sha256:83c39c6a9af8bc7a78c1f5015d8f3f98e4901f5e013e0e6c39611f96c10c005a_ppc64le as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:83c39c6a9af8bc7a78c1f5015d8f3f98e4901f5e013e0e6c39611f96c10c005a_ppc64le" }, "product_reference": "distributed-tracing/jaeger-agent-rhel8@sha256:83c39c6a9af8bc7a78c1f5015d8f3f98e4901f5e013e0e6c39611f96c10c005a_ppc64le", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-agent-rhel8@sha256:9d96dd8c0db9924a2b8e33d787cdbfe87f3c85f0d873b306ea443d719c3af55c_s390x as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:9d96dd8c0db9924a2b8e33d787cdbfe87f3c85f0d873b306ea443d719c3af55c_s390x" }, "product_reference": "distributed-tracing/jaeger-agent-rhel8@sha256:9d96dd8c0db9924a2b8e33d787cdbfe87f3c85f0d873b306ea443d719c3af55c_s390x", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:5327967e9f5e5d75c79e89fee1bc3f59873efd70b8c19202e74d2a460008defe_amd64 as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:5327967e9f5e5d75c79e89fee1bc3f59873efd70b8c19202e74d2a460008defe_amd64" }, "product_reference": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:5327967e9f5e5d75c79e89fee1bc3f59873efd70b8c19202e74d2a460008defe_amd64", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:acb62df32ace2fd13bd5ce9874760d95d567d91bb110b26b19c596fb7d86fef1_ppc64le as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:acb62df32ace2fd13bd5ce9874760d95d567d91bb110b26b19c596fb7d86fef1_ppc64le" }, "product_reference": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:acb62df32ace2fd13bd5ce9874760d95d567d91bb110b26b19c596fb7d86fef1_ppc64le", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:b585c3a9b824de0f51789a8fecf4a2f7bf9e168b6a3573250bf69d9f782b9bed_s390x as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:b585c3a9b824de0f51789a8fecf4a2f7bf9e168b6a3573250bf69d9f782b9bed_s390x" }, "product_reference": "distributed-tracing/jaeger-all-in-one-rhel8@sha256:b585c3a9b824de0f51789a8fecf4a2f7bf9e168b6a3573250bf69d9f782b9bed_s390x", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-collector-rhel8@sha256:324d5c7182e1edce237c884164ca5a5ad8766591ff1c6cc6613aa6b7ebb2646b_ppc64le as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:324d5c7182e1edce237c884164ca5a5ad8766591ff1c6cc6613aa6b7ebb2646b_ppc64le" }, "product_reference": "distributed-tracing/jaeger-collector-rhel8@sha256:324d5c7182e1edce237c884164ca5a5ad8766591ff1c6cc6613aa6b7ebb2646b_ppc64le", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-collector-rhel8@sha256:c17fb6a021f391948c0725f0a839684538f57805393f2123732db08fe5c32009_s390x as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:c17fb6a021f391948c0725f0a839684538f57805393f2123732db08fe5c32009_s390x" }, "product_reference": "distributed-tracing/jaeger-collector-rhel8@sha256:c17fb6a021f391948c0725f0a839684538f57805393f2123732db08fe5c32009_s390x", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-collector-rhel8@sha256:db34eb04544e03eb56bf606c95d19f79bbd7ec56bd8c500b49fa448718202c9c_amd64 as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:db34eb04544e03eb56bf606c95d19f79bbd7ec56bd8c500b49fa448718202c9c_amd64" }, "product_reference": "distributed-tracing/jaeger-collector-rhel8@sha256:db34eb04544e03eb56bf606c95d19f79bbd7ec56bd8c500b49fa448718202c9c_amd64", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:51c654d56bf087cb262d331857ca22fd25c4caea97d19e2f7492188303b0c952_s390x as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:51c654d56bf087cb262d331857ca22fd25c4caea97d19e2f7492188303b0c952_s390x" }, "product_reference": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:51c654d56bf087cb262d331857ca22fd25c4caea97d19e2f7492188303b0c952_s390x", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:9ea14402c0626a90c5e2d4916d8aad2363e5bc9537ffa19bab940a8a49290217_ppc64le as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:9ea14402c0626a90c5e2d4916d8aad2363e5bc9537ffa19bab940a8a49290217_ppc64le" }, "product_reference": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:9ea14402c0626a90c5e2d4916d8aad2363e5bc9537ffa19bab940a8a49290217_ppc64le", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:bbc2a4caa4458377ed2de14841178707da55589383e090b54c2b13c6a110bc81_amd64 as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:bbc2a4caa4458377ed2de14841178707da55589383e090b54c2b13c6a110bc81_amd64" }, "product_reference": "distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:bbc2a4caa4458377ed2de14841178707da55589383e090b54c2b13c6a110bc81_amd64", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:68a13a7b385494c25e6af73f6b6b555c026f3f06566b935f97f8efd9a76c6449_ppc64le as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:68a13a7b385494c25e6af73f6b6b555c026f3f06566b935f97f8efd9a76c6449_ppc64le" }, "product_reference": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:68a13a7b385494c25e6af73f6b6b555c026f3f06566b935f97f8efd9a76c6449_ppc64le", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:873fb90564825ff2d3f5881d6db14efb40f9195bee5908e35cf1352c8acc87a9_s390x as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:873fb90564825ff2d3f5881d6db14efb40f9195bee5908e35cf1352c8acc87a9_s390x" }, "product_reference": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:873fb90564825ff2d3f5881d6db14efb40f9195bee5908e35cf1352c8acc87a9_s390x", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:9c4bc759b3194d5d93448efff4a7b1e60d077e49f1a2a7452da263e46813a35a_amd64 as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:9c4bc759b3194d5d93448efff4a7b1e60d077e49f1a2a7452da263e46813a35a_amd64" }, "product_reference": "distributed-tracing/jaeger-es-rollover-rhel8@sha256:9c4bc759b3194d5d93448efff4a7b1e60d077e49f1a2a7452da263e46813a35a_amd64", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-ingester-rhel8@sha256:582ff08b5c186cdc27b1d5a340c66a841b3ff10f5ee669f9135e5b9f0303d551_s390x as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:582ff08b5c186cdc27b1d5a340c66a841b3ff10f5ee669f9135e5b9f0303d551_s390x" }, "product_reference": "distributed-tracing/jaeger-ingester-rhel8@sha256:582ff08b5c186cdc27b1d5a340c66a841b3ff10f5ee669f9135e5b9f0303d551_s390x", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-ingester-rhel8@sha256:81a58e46655d527624cbbba483639e76c21e819e4bf5c65a565d45af79c1832c_amd64 as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:81a58e46655d527624cbbba483639e76c21e819e4bf5c65a565d45af79c1832c_amd64" }, "product_reference": "distributed-tracing/jaeger-ingester-rhel8@sha256:81a58e46655d527624cbbba483639e76c21e819e4bf5c65a565d45af79c1832c_amd64", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-ingester-rhel8@sha256:cf51d733170ac61077cea0b2a7970d92cc077d4ea731c7a9493af9665fd3cd5f_ppc64le as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:cf51d733170ac61077cea0b2a7970d92cc077d4ea731c7a9493af9665fd3cd5f_ppc64le" }, "product_reference": "distributed-tracing/jaeger-ingester-rhel8@sha256:cf51d733170ac61077cea0b2a7970d92cc077d4ea731c7a9493af9665fd3cd5f_ppc64le", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-query-rhel8@sha256:0cc5eae19cab7732b61418212ce3564e948769240f9d2a4bcaa127afd986f968_s390x as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:0cc5eae19cab7732b61418212ce3564e948769240f9d2a4bcaa127afd986f968_s390x" }, "product_reference": "distributed-tracing/jaeger-query-rhel8@sha256:0cc5eae19cab7732b61418212ce3564e948769240f9d2a4bcaa127afd986f968_s390x", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-query-rhel8@sha256:1c5f7c95cda7e7220c158cb254ba24ad9a358caf364533cfeb6cfd02504a64bf_ppc64le as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:1c5f7c95cda7e7220c158cb254ba24ad9a358caf364533cfeb6cfd02504a64bf_ppc64le" }, "product_reference": "distributed-tracing/jaeger-query-rhel8@sha256:1c5f7c95cda7e7220c158cb254ba24ad9a358caf364533cfeb6cfd02504a64bf_ppc64le", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-query-rhel8@sha256:4c5ac9c1f7833ad630f2d5154100234e762c9e5d6f0118b17bb2efceb1d8a625_amd64 as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:4c5ac9c1f7833ad630f2d5154100234e762c9e5d6f0118b17bb2efceb1d8a625_amd64" }, "product_reference": "distributed-tracing/jaeger-query-rhel8@sha256:4c5ac9c1f7833ad630f2d5154100234e762c9e5d6f0118b17bb2efceb1d8a625_amd64", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-rhel8-operator@sha256:57c5dd6f4bb187b4c96b482f6fda7f15d2110126c8f15430b46c2b4489a78384_amd64 as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:57c5dd6f4bb187b4c96b482f6fda7f15d2110126c8f15430b46c2b4489a78384_amd64" }, "product_reference": "distributed-tracing/jaeger-rhel8-operator@sha256:57c5dd6f4bb187b4c96b482f6fda7f15d2110126c8f15430b46c2b4489a78384_amd64", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-rhel8-operator@sha256:5c284ed14cc4cb17f075c28790fb295046cb212e35647390d0bfa00a63522146_ppc64le as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:5c284ed14cc4cb17f075c28790fb295046cb212e35647390d0bfa00a63522146_ppc64le" }, "product_reference": "distributed-tracing/jaeger-rhel8-operator@sha256:5c284ed14cc4cb17f075c28790fb295046cb212e35647390d0bfa00a63522146_ppc64le", "relates_to_product_reference": "8Base-JAEGER-1.17" }, { "category": "default_component_of", "full_product_name": { "name": "distributed-tracing/jaeger-rhel8-operator@sha256:7df80c3aa4d769c1e57c4b33503a5fb806d0f79fc31f6351e17da5d97306c243_s390x as a component of Red Hat OpenShift Jaeger 1.17", "product_id": "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:7df80c3aa4d769c1e57c4b33503a5fb806d0f79fc31f6351e17da5d97306c243_s390x" }, "product_reference": "distributed-tracing/jaeger-rhel8-operator@sha256:7df80c3aa4d769c1e57c4b33503a5fb806d0f79fc31f6351e17da5d97306c243_s390x", "relates_to_product_reference": "8Base-JAEGER-1.17" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-28362", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2020-11-12T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:51c654d56bf087cb262d331857ca22fd25c4caea97d19e2f7492188303b0c952_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:9ea14402c0626a90c5e2d4916d8aad2363e5bc9537ffa19bab940a8a49290217_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:bbc2a4caa4458377ed2de14841178707da55589383e090b54c2b13c6a110bc81_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:68a13a7b385494c25e6af73f6b6b555c026f3f06566b935f97f8efd9a76c6449_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:873fb90564825ff2d3f5881d6db14efb40f9195bee5908e35cf1352c8acc87a9_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:9c4bc759b3194d5d93448efff4a7b1e60d077e49f1a2a7452da263e46813a35a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1897635" } ], "notes": [ { "category": "description", "text": "A flaw was found in the math/big package of Go\u0027s standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: math/big: panic during recursive division of very large numbers", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift ServiceMesh (OSSM) 1.1 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support.\nOpenshift Virtualization 1 (formerly Container Native Virtualization) is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities.\n\nRed Hat Gluster Storage 3 shipped multi-cloud-object-gateway-cli and noobaa-operator container as a technical preview and is not currently planned to be addressed in future updates.\n\nOpenShift Container Platform (OCP) 4.5 and earlier are built with Go versions earlier than 1.14, which are not affected by this vulnerability. OCP 4.6 is built with Go 1.15 and is affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:5230c70692537b4da57bb1ac5bc80810bdef4081f2e739172ed71f8368856afb_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:83c39c6a9af8bc7a78c1f5015d8f3f98e4901f5e013e0e6c39611f96c10c005a_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:9d96dd8c0db9924a2b8e33d787cdbfe87f3c85f0d873b306ea443d719c3af55c_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:5327967e9f5e5d75c79e89fee1bc3f59873efd70b8c19202e74d2a460008defe_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:acb62df32ace2fd13bd5ce9874760d95d567d91bb110b26b19c596fb7d86fef1_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:b585c3a9b824de0f51789a8fecf4a2f7bf9e168b6a3573250bf69d9f782b9bed_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:324d5c7182e1edce237c884164ca5a5ad8766591ff1c6cc6613aa6b7ebb2646b_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:c17fb6a021f391948c0725f0a839684538f57805393f2123732db08fe5c32009_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:db34eb04544e03eb56bf606c95d19f79bbd7ec56bd8c500b49fa448718202c9c_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:582ff08b5c186cdc27b1d5a340c66a841b3ff10f5ee669f9135e5b9f0303d551_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:81a58e46655d527624cbbba483639e76c21e819e4bf5c65a565d45af79c1832c_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:cf51d733170ac61077cea0b2a7970d92cc077d4ea731c7a9493af9665fd3cd5f_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:0cc5eae19cab7732b61418212ce3564e948769240f9d2a4bcaa127afd986f968_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:1c5f7c95cda7e7220c158cb254ba24ad9a358caf364533cfeb6cfd02504a64bf_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:4c5ac9c1f7833ad630f2d5154100234e762c9e5d6f0118b17bb2efceb1d8a625_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:57c5dd6f4bb187b4c96b482f6fda7f15d2110126c8f15430b46c2b4489a78384_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:5c284ed14cc4cb17f075c28790fb295046cb212e35647390d0bfa00a63522146_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:7df80c3aa4d769c1e57c4b33503a5fb806d0f79fc31f6351e17da5d97306c243_s390x" ], "known_not_affected": [ "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:51c654d56bf087cb262d331857ca22fd25c4caea97d19e2f7492188303b0c952_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:9ea14402c0626a90c5e2d4916d8aad2363e5bc9537ffa19bab940a8a49290217_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:bbc2a4caa4458377ed2de14841178707da55589383e090b54c2b13c6a110bc81_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:68a13a7b385494c25e6af73f6b6b555c026f3f06566b935f97f8efd9a76c6449_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:873fb90564825ff2d3f5881d6db14efb40f9195bee5908e35cf1352c8acc87a9_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:9c4bc759b3194d5d93448efff4a7b1e60d077e49f1a2a7452da263e46813a35a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-28362" }, { "category": "external", "summary": "RHBZ#1897635", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1897635" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28362", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28362" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28362", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28362" } ], "release_date": "2020-11-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-23T15:37:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://docs.openshift.com/container-platform/4.7/jaeger/jaeger_install/rhbjaeger-updating.html", "product_ids": [ "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:5230c70692537b4da57bb1ac5bc80810bdef4081f2e739172ed71f8368856afb_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:83c39c6a9af8bc7a78c1f5015d8f3f98e4901f5e013e0e6c39611f96c10c005a_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:9d96dd8c0db9924a2b8e33d787cdbfe87f3c85f0d873b306ea443d719c3af55c_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:5327967e9f5e5d75c79e89fee1bc3f59873efd70b8c19202e74d2a460008defe_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:acb62df32ace2fd13bd5ce9874760d95d567d91bb110b26b19c596fb7d86fef1_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:b585c3a9b824de0f51789a8fecf4a2f7bf9e168b6a3573250bf69d9f782b9bed_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:324d5c7182e1edce237c884164ca5a5ad8766591ff1c6cc6613aa6b7ebb2646b_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:c17fb6a021f391948c0725f0a839684538f57805393f2123732db08fe5c32009_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:db34eb04544e03eb56bf606c95d19f79bbd7ec56bd8c500b49fa448718202c9c_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:582ff08b5c186cdc27b1d5a340c66a841b3ff10f5ee669f9135e5b9f0303d551_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:81a58e46655d527624cbbba483639e76c21e819e4bf5c65a565d45af79c1832c_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:cf51d733170ac61077cea0b2a7970d92cc077d4ea731c7a9493af9665fd3cd5f_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:0cc5eae19cab7732b61418212ce3564e948769240f9d2a4bcaa127afd986f968_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:1c5f7c95cda7e7220c158cb254ba24ad9a358caf364533cfeb6cfd02504a64bf_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:4c5ac9c1f7833ad630f2d5154100234e762c9e5d6f0118b17bb2efceb1d8a625_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:57c5dd6f4bb187b4c96b482f6fda7f15d2110126c8f15430b46c2b4489a78384_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:5c284ed14cc4cb17f075c28790fb295046cb212e35647390d0bfa00a63522146_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:7df80c3aa4d769c1e57c4b33503a5fb806d0f79fc31f6351e17da5d97306c243_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2532" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:5230c70692537b4da57bb1ac5bc80810bdef4081f2e739172ed71f8368856afb_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:83c39c6a9af8bc7a78c1f5015d8f3f98e4901f5e013e0e6c39611f96c10c005a_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:9d96dd8c0db9924a2b8e33d787cdbfe87f3c85f0d873b306ea443d719c3af55c_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:5327967e9f5e5d75c79e89fee1bc3f59873efd70b8c19202e74d2a460008defe_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:acb62df32ace2fd13bd5ce9874760d95d567d91bb110b26b19c596fb7d86fef1_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:b585c3a9b824de0f51789a8fecf4a2f7bf9e168b6a3573250bf69d9f782b9bed_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:324d5c7182e1edce237c884164ca5a5ad8766591ff1c6cc6613aa6b7ebb2646b_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:c17fb6a021f391948c0725f0a839684538f57805393f2123732db08fe5c32009_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:db34eb04544e03eb56bf606c95d19f79bbd7ec56bd8c500b49fa448718202c9c_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:582ff08b5c186cdc27b1d5a340c66a841b3ff10f5ee669f9135e5b9f0303d551_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:81a58e46655d527624cbbba483639e76c21e819e4bf5c65a565d45af79c1832c_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:cf51d733170ac61077cea0b2a7970d92cc077d4ea731c7a9493af9665fd3cd5f_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:0cc5eae19cab7732b61418212ce3564e948769240f9d2a4bcaa127afd986f968_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:1c5f7c95cda7e7220c158cb254ba24ad9a358caf364533cfeb6cfd02504a64bf_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:4c5ac9c1f7833ad630f2d5154100234e762c9e5d6f0118b17bb2efceb1d8a625_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:57c5dd6f4bb187b4c96b482f6fda7f15d2110126c8f15430b46c2b4489a78384_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:5c284ed14cc4cb17f075c28790fb295046cb212e35647390d0bfa00a63522146_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:7df80c3aa4d769c1e57c4b33503a5fb806d0f79fc31f6351e17da5d97306c243_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: math/big: panic during recursive division of very large numbers" }, { "cve": "CVE-2021-3114", "cwe": { "id": "CWE-682", "name": "Incorrect Calculation" }, "discovery_date": "2021-01-21T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:51c654d56bf087cb262d331857ca22fd25c4caea97d19e2f7492188303b0c952_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:9ea14402c0626a90c5e2d4916d8aad2363e5bc9537ffa19bab940a8a49290217_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:bbc2a4caa4458377ed2de14841178707da55589383e090b54c2b13c6a110bc81_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:68a13a7b385494c25e6af73f6b6b555c026f3f06566b935f97f8efd9a76c6449_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:873fb90564825ff2d3f5881d6db14efb40f9195bee5908e35cf1352c8acc87a9_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:9c4bc759b3194d5d93448efff4a7b1e60d077e49f1a2a7452da263e46813a35a_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1918750" } ], "notes": [ { "category": "description", "text": "A flaw detected in golang: crypto/elliptic, in which P-224 keys as generated can return incorrect inputs, reducing the strength of the cryptography. The highest threat from this vulnerability is confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: crypto/elliptic: incorrect operations on the P-224 curve", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift ServiceMesh (OSSM) 1.1 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:5230c70692537b4da57bb1ac5bc80810bdef4081f2e739172ed71f8368856afb_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:83c39c6a9af8bc7a78c1f5015d8f3f98e4901f5e013e0e6c39611f96c10c005a_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:9d96dd8c0db9924a2b8e33d787cdbfe87f3c85f0d873b306ea443d719c3af55c_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:5327967e9f5e5d75c79e89fee1bc3f59873efd70b8c19202e74d2a460008defe_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:acb62df32ace2fd13bd5ce9874760d95d567d91bb110b26b19c596fb7d86fef1_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:b585c3a9b824de0f51789a8fecf4a2f7bf9e168b6a3573250bf69d9f782b9bed_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:324d5c7182e1edce237c884164ca5a5ad8766591ff1c6cc6613aa6b7ebb2646b_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:c17fb6a021f391948c0725f0a839684538f57805393f2123732db08fe5c32009_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:db34eb04544e03eb56bf606c95d19f79bbd7ec56bd8c500b49fa448718202c9c_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:582ff08b5c186cdc27b1d5a340c66a841b3ff10f5ee669f9135e5b9f0303d551_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:81a58e46655d527624cbbba483639e76c21e819e4bf5c65a565d45af79c1832c_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:cf51d733170ac61077cea0b2a7970d92cc077d4ea731c7a9493af9665fd3cd5f_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:0cc5eae19cab7732b61418212ce3564e948769240f9d2a4bcaa127afd986f968_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:1c5f7c95cda7e7220c158cb254ba24ad9a358caf364533cfeb6cfd02504a64bf_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:4c5ac9c1f7833ad630f2d5154100234e762c9e5d6f0118b17bb2efceb1d8a625_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:57c5dd6f4bb187b4c96b482f6fda7f15d2110126c8f15430b46c2b4489a78384_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:5c284ed14cc4cb17f075c28790fb295046cb212e35647390d0bfa00a63522146_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:7df80c3aa4d769c1e57c4b33503a5fb806d0f79fc31f6351e17da5d97306c243_s390x" ], "known_not_affected": [ "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:51c654d56bf087cb262d331857ca22fd25c4caea97d19e2f7492188303b0c952_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:9ea14402c0626a90c5e2d4916d8aad2363e5bc9537ffa19bab940a8a49290217_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-index-cleaner-rhel8@sha256:bbc2a4caa4458377ed2de14841178707da55589383e090b54c2b13c6a110bc81_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:68a13a7b385494c25e6af73f6b6b555c026f3f06566b935f97f8efd9a76c6449_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:873fb90564825ff2d3f5881d6db14efb40f9195bee5908e35cf1352c8acc87a9_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-es-rollover-rhel8@sha256:9c4bc759b3194d5d93448efff4a7b1e60d077e49f1a2a7452da263e46813a35a_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3114" }, { "category": "external", "summary": "RHBZ#1918750", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918750" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3114", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3114" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3114", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3114" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/mperVMGa98w", "url": "https://groups.google.com/g/golang-announce/c/mperVMGa98w" } ], "release_date": "2021-01-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-06-23T15:37:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://docs.openshift.com/container-platform/4.7/jaeger/jaeger_install/rhbjaeger-updating.html", "product_ids": [ "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:5230c70692537b4da57bb1ac5bc80810bdef4081f2e739172ed71f8368856afb_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:83c39c6a9af8bc7a78c1f5015d8f3f98e4901f5e013e0e6c39611f96c10c005a_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:9d96dd8c0db9924a2b8e33d787cdbfe87f3c85f0d873b306ea443d719c3af55c_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:5327967e9f5e5d75c79e89fee1bc3f59873efd70b8c19202e74d2a460008defe_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:acb62df32ace2fd13bd5ce9874760d95d567d91bb110b26b19c596fb7d86fef1_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:b585c3a9b824de0f51789a8fecf4a2f7bf9e168b6a3573250bf69d9f782b9bed_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:324d5c7182e1edce237c884164ca5a5ad8766591ff1c6cc6613aa6b7ebb2646b_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:c17fb6a021f391948c0725f0a839684538f57805393f2123732db08fe5c32009_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:db34eb04544e03eb56bf606c95d19f79bbd7ec56bd8c500b49fa448718202c9c_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:582ff08b5c186cdc27b1d5a340c66a841b3ff10f5ee669f9135e5b9f0303d551_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:81a58e46655d527624cbbba483639e76c21e819e4bf5c65a565d45af79c1832c_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:cf51d733170ac61077cea0b2a7970d92cc077d4ea731c7a9493af9665fd3cd5f_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:0cc5eae19cab7732b61418212ce3564e948769240f9d2a4bcaa127afd986f968_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:1c5f7c95cda7e7220c158cb254ba24ad9a358caf364533cfeb6cfd02504a64bf_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:4c5ac9c1f7833ad630f2d5154100234e762c9e5d6f0118b17bb2efceb1d8a625_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:57c5dd6f4bb187b4c96b482f6fda7f15d2110126c8f15430b46c2b4489a78384_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:5c284ed14cc4cb17f075c28790fb295046cb212e35647390d0bfa00a63522146_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:7df80c3aa4d769c1e57c4b33503a5fb806d0f79fc31f6351e17da5d97306c243_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2532" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:5230c70692537b4da57bb1ac5bc80810bdef4081f2e739172ed71f8368856afb_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:83c39c6a9af8bc7a78c1f5015d8f3f98e4901f5e013e0e6c39611f96c10c005a_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-agent-rhel8@sha256:9d96dd8c0db9924a2b8e33d787cdbfe87f3c85f0d873b306ea443d719c3af55c_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:5327967e9f5e5d75c79e89fee1bc3f59873efd70b8c19202e74d2a460008defe_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:acb62df32ace2fd13bd5ce9874760d95d567d91bb110b26b19c596fb7d86fef1_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-all-in-one-rhel8@sha256:b585c3a9b824de0f51789a8fecf4a2f7bf9e168b6a3573250bf69d9f782b9bed_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:324d5c7182e1edce237c884164ca5a5ad8766591ff1c6cc6613aa6b7ebb2646b_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:c17fb6a021f391948c0725f0a839684538f57805393f2123732db08fe5c32009_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-collector-rhel8@sha256:db34eb04544e03eb56bf606c95d19f79bbd7ec56bd8c500b49fa448718202c9c_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:582ff08b5c186cdc27b1d5a340c66a841b3ff10f5ee669f9135e5b9f0303d551_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:81a58e46655d527624cbbba483639e76c21e819e4bf5c65a565d45af79c1832c_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-ingester-rhel8@sha256:cf51d733170ac61077cea0b2a7970d92cc077d4ea731c7a9493af9665fd3cd5f_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:0cc5eae19cab7732b61418212ce3564e948769240f9d2a4bcaa127afd986f968_s390x", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:1c5f7c95cda7e7220c158cb254ba24ad9a358caf364533cfeb6cfd02504a64bf_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-query-rhel8@sha256:4c5ac9c1f7833ad630f2d5154100234e762c9e5d6f0118b17bb2efceb1d8a625_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:57c5dd6f4bb187b4c96b482f6fda7f15d2110126c8f15430b46c2b4489a78384_amd64", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:5c284ed14cc4cb17f075c28790fb295046cb212e35647390d0bfa00a63522146_ppc64le", "8Base-JAEGER-1.17:distributed-tracing/jaeger-rhel8-operator@sha256:7df80c3aa4d769c1e57c4b33503a5fb806d0f79fc31f6351e17da5d97306c243_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: crypto/elliptic: incorrect operations on the P-224 curve" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.