logo
DATABASE RESOURCES PRICING ABOUT US

(RHSA-2021:2543) Moderate: Red Hat OpenShift Jaeger 1.20.4 security update

Description

Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation. Security Fix(es): * libthrift: potential DoS when processing untrusted payloads (CVE-2020-13949) * golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362) * nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions (CVE-2020-28500) * golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114) * nodejs-lodash: command injection via template (CVE-2021-23337) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.


Related