(RHSA-2021:1129) Moderate: Red Hat 3scale API Management 2.10.0 security update and release

2021-04-07T09:52:40
ID RHSA-2021:1129
Type redhat
Reporter RedHat
Modified 2021-05-25T21:31:07

Description

Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools.

This advisory is intended to use with container images for Red Hat 3scale API Management 2.10.0.

Security Fix(es):

  • golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)

  • golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.