Moderate: Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.7.1 release

🗓️ 05 Nov 2025 14:26:13Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 2 Views

Red Hat OpenShift Tempo 3.7.1 improves security, fixes CVE 2025 5318, and notes a Jaeger user interface issue.

Reporter	Title	Published	Views	Family All 258
IBM Security Bulletins	Security Bulletin: IBM Instana Observability has addressed Multiple Vulnerabilities within Instana Agent container image	3 Mar 202613:53	–	ibm
IBM Security Bulletins	Security Bulletin: TSSC/IMC is vulnerable to an Out-of-bounds Read	23 Dec 202516:47	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Financial Transaction Manager is impacted by an out-of-bounds read vulnerability in RedHat Proxy for Kubernetes RBAC authorization	30 Oct 202518:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)	29 Jan 202613:44	–	ibm
ATTACKERKB	CVE-2025-5318	24 Jun 202514:15	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : libssh, libssh-config, libssh-devel (ALAS2023-2025-1155)	8 Sep 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0178: libssh (ALINUX3-SA-2025:0178)	17 Nov 202500:00	–	nessus
Tenable Nessus	AlmaLinux 10 : libssh (ALSA-2025:18231)	17 Oct 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : libssh (ALSA-2025:18275)	17 Oct 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : libssh (ALSA-2025:18286)	21 Oct 202500:00	–	nessus

Source	Link
access	www.access.redhat.com/security/cve/CVE-2025-5318
access	www.access.redhat.com/security/updates/classification/
docs	www.docs.redhat.com/en/documentation/openshift_container_platform/latest/html/distributed_tracing/distributed-tracing-platform-tempo

27 Feb 2026 17:05Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.18.1

EPSS0.00178

SSVC

red hat openshift tempo security cve 2025 5318 jaeger user interface tracing workaround