RHSA-2026:3459
Vulnerability from csaf_redhat - Published: 2026-02-26 19:58 - Updated: 2026-02-27 03:27Summary
Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.9.0 release
Notes
Topic
Red Hat OpenShift distributed tracing platform (Tempo) 3.9.0 has been released
Details
This release of the Red Hat OpenShift distributed tracing platform (Tempo) provides new features, security improvements, and bug fixes.
Breaking changes:
* Nothing
Deprecations:
* Nothing
Technology Preview features:
* Nothing
Enhancements:
* This release upgrades Tempo components to version 2.10.0, which improves TraceQL performance. Jira issue: https://issues.redhat.com/browse/TRACING-5944.
* This update extends the `TempoStack` Custom Resource Definition (CRD) with a network policy option that enables the Operator to reconcile network policies among all components. This option is enabled by default. Jira issue: https://issues.redhat.com/browse/TRACING-5807.
* This update adds support for overriding the Operator configuration by using environment variables. You can configure Operator settings through the `Subscription` custom resource of the Operator Lifecycle Manager (OLM) without modifying ConfigMaps. The `--config` flag remains available for custom configuration files if needed. Jira issue: https://issues.redhat.com/browse/TRACING-5745.
* This update introduces the `size` field for `TempoStack` deployments, which provides predefined t-shirt size configurations. Instead of manually calculating CPU, memory, and storage for each component, you can select a size that matches your workload scale. The following sizes are available: `1x.demo`, `1x.pico`, `1x.extra-small`, `1x.small`, and `1x.medium`. This field is optional and existing configurations using `resources.total` or per-component overrides continue to work unchanged. Jira issue: https://issues.redhat.com/browse/TRACING-5376.
* Improve TempoMonolithic memory usage. The Operator now automatically sets the `GOMEMLIMIT` soft memory limit for the Go garbage collector to 80% of the container memory limit for all Tempo components. This reduces the likelihood of out-of-memory terminations. Jira issue: https://issues.redhat.com/browse/TRACING-4554.
* This update requires tenant configuration and an enabled gateway for `TempoStack` and `TempoMonolithic` instances. If you do not enable the gateway, the Operator displays a warning. For a `TempoStack` instance, enable the gateway by setting `.spec.template.gateway.enabled` to `true`. For a `TempoMonolithic` instance, the gateway is enabled automatically when any tenant is configured. `TempoStack` and `TempoMonolithic` instances without an enabled gateway are not supported. Jira ticket: https://issues.redhat.com/browse/TRACING-5750.
* This release upgrades the Red Hat Universal Base Image (UBI) to version 9.
Bug fixes:
* Fixed network policies for managed OpenShift services. Before this update, the Operator network policies used a hard-coded port 6443 for the API server. As a consequence, the Operator failed to connect to managed OpenShift services that expose the API on port 443. With this update, the Operator dynamically retrieves the control plane address from service endpoints. As a result, network policies work correctly on all OpenShift environments. Jira issue: https://issues.redhat.com/browse/TRACING-5974.
* CVE-2025-61726: Before this update, a flaw existed in the `net/url` package in the Go standard library. As a consequence, a denial-of-service HTTP request with a massive number of query parameters could cause the application to consume an excessive amount of memory and eventually become unresponsive. This release eliminates this flaw. For more information, see https://access.redhat.com/security/cve/cve-2025-61726.
* CVE-2025-61729: Before this update, the `HostnameError.Error()` function in the Go `crypto/x509` package used string concatenation in a loop without limiting the number of printed hostnames. As a consequence, processing a malicious certificate with many hostnames could cause excessive CPU and memory consumption, leading to a denial-of-service condition. This release includes the fix for this flaw. For more information, see https://access.redhat.com/security/cve/CVE-2025-61729.
* CVE-2025-68121: Before this update, a flaw existed in the `crypto/tls` package in the Go standard library. As a consequence, during TLS session resumption, unauthorized clients or servers could bypass certificate validation if CA pools were mutated between handshakes. This release includes the fix for this flaw. For more information, see https://access.redhat.com/security/cve/CVE-2025-68121.
Known issues:
* Gateway fails to forward OTLP HTTP traffic when receiver TLS is enabled. When Tempo Monolithic is configured with `multitenancy.enabled: true` and `ingestion.otlp.http.tls.enabled: true`, the gateway forwards OTLP HTTP traffic to the Tempo receiver using plain HTTP instead of HTTPS. As a consequence, the connection fails with a `connection reset by peer` error because the receiver expects TLS connections. OTLP gRPC ingestion through the gateway is not affected. Jira issue: https://issues.redhat.com/browse/TRACING-5973.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift distributed tracing platform (Tempo) 3.9.0 has been released",
"title": "Topic"
},
{
"category": "general",
"text": "This release of the Red Hat OpenShift distributed tracing platform (Tempo) provides new features, security improvements, and bug fixes.\n\n\nBreaking changes:\n\n* Nothing\n\n\nDeprecations:\n\n* Nothing\n\n\nTechnology Preview features:\n\n* Nothing\n\n\nEnhancements:\n\n* This release upgrades Tempo components to version 2.10.0, which improves TraceQL performance. Jira issue: https://issues.redhat.com/browse/TRACING-5944.\n\n* This update extends the `TempoStack` Custom Resource Definition (CRD) with a network policy option that enables the Operator to reconcile network policies among all components. This option is enabled by default. Jira issue: https://issues.redhat.com/browse/TRACING-5807.\n\n* This update adds support for overriding the Operator configuration by using environment variables. You can configure Operator settings through the `Subscription` custom resource of the Operator Lifecycle Manager (OLM) without modifying ConfigMaps. The `--config` flag remains available for custom configuration files if needed. Jira issue: https://issues.redhat.com/browse/TRACING-5745.\n\n* This update introduces the `size` field for `TempoStack` deployments, which provides predefined t-shirt size configurations. Instead of manually calculating CPU, memory, and storage for each component, you can select a size that matches your workload scale. The following sizes are available: `1x.demo`, `1x.pico`, `1x.extra-small`, `1x.small`, and `1x.medium`. This field is optional and existing configurations using `resources.total` or per-component overrides continue to work unchanged. Jira issue: https://issues.redhat.com/browse/TRACING-5376.\n\n* Improve TempoMonolithic memory usage. The Operator now automatically sets the `GOMEMLIMIT` soft memory limit for the Go garbage collector to 80% of the container memory limit for all Tempo components. This reduces the likelihood of out-of-memory terminations. Jira issue: https://issues.redhat.com/browse/TRACING-4554.\n\n* This update requires tenant configuration and an enabled gateway for `TempoStack` and `TempoMonolithic` instances. If you do not enable the gateway, the Operator displays a warning. For a `TempoStack` instance, enable the gateway by setting `.spec.template.gateway.enabled` to `true`. For a `TempoMonolithic` instance, the gateway is enabled automatically when any tenant is configured. `TempoStack` and `TempoMonolithic` instances without an enabled gateway are not supported. Jira ticket: https://issues.redhat.com/browse/TRACING-5750.\n\n* This release upgrades the Red Hat Universal Base Image (UBI) to version 9.\n\n\nBug fixes:\n\n* Fixed network policies for managed OpenShift services. Before this update, the Operator network policies used a hard-coded port 6443 for the API server. As a consequence, the Operator failed to connect to managed OpenShift services that expose the API on port 443. With this update, the Operator dynamically retrieves the control plane address from service endpoints. As a result, network policies work correctly on all OpenShift environments. Jira issue: https://issues.redhat.com/browse/TRACING-5974.\n\n* CVE-2025-61726: Before this update, a flaw existed in the `net/url` package in the Go standard library. As a consequence, a denial-of-service HTTP request with a massive number of query parameters could cause the application to consume an excessive amount of memory and eventually become unresponsive. This release eliminates this flaw. For more information, see https://access.redhat.com/security/cve/cve-2025-61726.\n\n* CVE-2025-61729: Before this update, the `HostnameError.Error()` function in the Go `crypto/x509` package used string concatenation in a loop without limiting the number of printed hostnames. As a consequence, processing a malicious certificate with many hostnames could cause excessive CPU and memory consumption, leading to a denial-of-service condition. This release includes the fix for this flaw. For more information, see https://access.redhat.com/security/cve/CVE-2025-61729.\n\n* CVE-2025-68121: Before this update, a flaw existed in the `crypto/tls` package in the Go standard library. As a consequence, during TLS session resumption, unauthorized clients or servers could bypass certificate validation if CA pools were mutated between handshakes. This release includes the fix for this flaw. For more information, see https://access.redhat.com/security/cve/CVE-2025-68121.\n\n\nKnown issues:\n\n* Gateway fails to forward OTLP HTTP traffic when receiver TLS is enabled. When Tempo Monolithic is configured with `multitenancy.enabled: true` and `ingestion.otlp.http.tls.enabled: true`, the gateway forwards OTLP HTTP traffic to the Tempo receiver using plain HTTP instead of HTTPS. As a consequence, the connection fails with a `connection reset by peer` error because the receiver expects TLS connections. OTLP gRPC ingestion through the gateway is not affected. Jira issue: https://issues.redhat.com/browse/TRACING-5973.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:3459",
"url": "https://access.redhat.com/errata/RHSA-2026:3459"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/distributed_tracing/distributed-tracing-platform-tempo",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/distributed_tracing/distributed-tracing-platform-tempo"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3459.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.9.0 release",
"tracking": {
"current_release_date": "2026-02-27T03:27:59+00:00",
"generator": {
"date": "2026-02-27T03:27:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:3459",
"initial_release_date": "2026-02-26T19:58:40+00:00",
"revision_history": [
{
"date": "2026-02-26T19:58:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-26T19:58:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-27T03:27:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift distributed tracing 3.9.0",
"product": {
"name": "Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift distributed tracing"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-operator-bundle@sha256%3A90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771847684"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel9@sha256%3Af406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843440"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel9@sha256%3A8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843277"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel9@sha256%3Acd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843135"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9-operator@sha256%3Adc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843096"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel9@sha256%3A64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843085"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9@sha256%3Adf88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843082"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel9@sha256%3A5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843440"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel9@sha256%3Ada4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843277"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel9@sha256%3Aa03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843135"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9-operator@sha256%3A836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843096"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel9@sha256%3Acee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843085"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9@sha256%3A2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843082"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel9@sha256%3A16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843440"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel9@sha256%3A4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843277"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel9@sha256%3Afc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843135"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9-operator@sha256%3A0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843096"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel9@sha256%3A52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843085"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9@sha256%3A3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843082"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel9@sha256%3A76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843440"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel9@sha256%3Ac90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843277"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel9@sha256%3Abfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843135"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9-operator@sha256%3Aecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843096"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel9@sha256%3A0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843085"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel9@sha256%3Ac665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=1771843082"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64 as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64 as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64 as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64 as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64 as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64 as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64 as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64 as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64 as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64 as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64 as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64 as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64 as a component of Red Hat OpenShift distributed tracing 3.9.0",
"product_id": "Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.9.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-26T19:58:40+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3459"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-26T19:58:40+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3459"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: Unexpected session resumption in crypto/tls",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64"
],
"known_not_affected": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-26T19:58:40+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3459"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:a03e51634b01763f1f4ef7d74c1927919430d1fa1e4c37de3e1541b7dcf07b7c_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:bfce7a25f48e52508ea06d5cbfa2713ba34001108d1300fa997278b8adbd602a_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:cd55f3750867fa478f118f6f24cc34ab1778a29b3e46665408874d945df7dab9_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel9@sha256:fc56b8131efe2bd94900d237b8cedf72ddc917e269c9a8277852cb3eeb65aa50_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:16060709000e2eadd2a67e70c07169673d8a5dd17e2a0c3773f00f2ed70a2387_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:5d876965288712d82ad017e5838ca5b9c4fa507c8c7c14ceb404a020113d8396_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:76a0a2fba9632bd614adc12eb35df686f2502c71cfdbf699a1c3d2bb62871d29_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-gateway-rhel9@sha256:f406407af8056cdf664bc525ca91dba35cb047f57b6072c0611567b9d52639a7_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:4d8aacf31e9e78db9aa8f9722e89c1999da5033b9e6716c3853845cc3b1e06f5_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:8fd5701262304469820b1103a5aefbd5a63200bbb106cd81e1f402548812a932_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:c90c7540ee2549fa430f5fd42b7e2a6183e0027fa11514151496b56e235b610c_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel9@sha256:da4e907fcbb808128b23afd41d4651555dcff11db2e361adc1bfac1f231db4aa_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:90d1a71febb6cac99b64fc4863bcb66b11aa18c30dad93b244aca3290c3574e0_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:0bf8e0ac0183cc9c0bb8011261945562fc848f92083770f009babf55a76d97aa_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:52f9517cb0d07549162a971c4969fe1319a2fb287135f54e1344065ef516883d_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:64493ed24c50692ef9cd6150737102d98ae120b6dba1599fdd6f13dff4c783a3_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-query-rhel9@sha256:cee195d4549093a1d9d161b243a1373368560f8bd578a57e5e2f5a2239801b99_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:0acc5e1a59997d41552c51e2be79e7f40c8b91a2ee55d7c1efc9e0cd7960de9a_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:836fe86ff3d2beeedfb4eeea334e06f971a216fe903b846a1186c2fb77024b45_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:dc6eb4ba236ba188753f3c44134e76b95b56d3f6c85a05dc298885da72c0a8dd_amd64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9-operator@sha256:ecf05fcb9614dfaab20783e9218f418497eaddd42b0d51a32a8034c52070376e_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:2c607d3ab16a5576481d060c5022a60aded5105169b44a02036fa6f37a169953_arm64",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:3012a6730ca532de4dc6d524279e9c9f04b69afeaec81c3fc2df43bfc1c888b7_ppc64le",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:c665ee88b56ebe02f4d2260262bb044647d900a17958ac9dae3932d240ceac09_s390x",
"Red Hat OpenShift distributed tracing 3.9.0:registry.redhat.io/rhosdt/tempo-rhel9@sha256:df88c2ddadcc28f76718d9965867aa4bcfb55d8b891184b54755e4d1be68ebd1_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: Unexpected session resumption in crypto/tls"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…