25 matches found
CVE-2026-25528
LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. The LangSmith SDK's distributed tracing feature is vulnerable to Server-Side Request Forgery via malicious HTTP headers. An attacker can inject arbitrary apiurl values through the baggage header, causing the SDK to...
PT-2026-7149
Name of the Vulnerable Software and Affected Versions LangSmith Client SDKs versions prior to 0.6.3 LangSmith Client SDKs versions prior to 0.4.6 Description The LangSmith SDK’s distributed tracing feature is susceptible to Server-Side Request Forgery SSRF through manipulation of HTTP headers. An...
Moderate: Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.8.1 release
Red Hat OpenShift distributed tracing platform Tempo 3.8.1 has been released This release of the Red Hat OpenShift distributed tracing platform Tempo provides a CVE fix. Breaking changes: Nothing Deprecations: Nothing Technology Preview features: Nothing Enhancements: Nothing Bug fixes:...
Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.5.1 release
Red Hat OpenShift distributed tracing platform Tempo 3.5.1 has been released Release of Red Hat OpenShift distributed tracing provides following security improvements, bug fixes, and new features. The Red Hat OpenShift distributed tracing Tempo 3.5.1 is based on the open source...
Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Jaeger) 3.4 release
A new version of Red Hat OpenShift distributed tracing platform Jaeger has been released Red Hat OpenShift distributed tracing platform based on Jaeger. Jaeger is a project inspired by Dapper and OpenZipkin. It is a distributed tracing system released as open source by Uber Technologies. It is us...
Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.4 release
A new version of Red Hat OpenShift distributed tracing platform Tempo has been released Red Hat OpenShift distributed tracing platform based on Tempo. Tempo is an open-source, easy-to-use, and highly scalable distributed tracing backend. It provides observability for microservices architectures b...
Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Jaeger) 3.4 release
A new version of Red Hat OpenShift distributed tracing platform Jaeger has been released Red Hat OpenShift distributed tracing platform based on Jaeger. Jaeger is a project inspired by Dapper and OpenZipkin. It is a distributed tracing system released as open source by Uber Technologies. It is us...
Moderate: Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.4 release
A new version of Red Hat OpenShift distributed tracing platform Tempo has been released Red Hat OpenShift distributed tracing platform based on Tempo. Tempo is an open-source, easy-to-use, and highly scalable distributed tracing backend. It provides observability for microservices architectures b...
Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Jaeger) 3.4 release
A new version of Red Hat OpenShift distributed tracing platform Jaeger has been released Red Hat OpenShift distributed tracing platform based on Jaeger. Jaeger is a project inspired by Dapper and OpenZipkin. It is a distributed tracing system released as open source by Uber Technologies. It is us...
(RHSA-2024:6274) Moderate: Red Hat OpenShift distributed tracing 3.3.0 operator/operand containers
Release of Red Hat OpenShift distributed tracing provides these changes:...
Amazon Linux 2 : ecs-service-connect-agent (ALASECS-2024-038)
The version of ecs-service-connect-agent installed on the remote host is prior to v1.29.6.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2024-038 advisory. dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context du...
CVE-2024-38525
dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the nlohmann JSON library. However, due to the way the JSON library is invoked, it throws an uncaught...
CVE-2024-38525
CVE-2024-38525 affects dd-trace-cpp (Datadog tracing for C++). The root cause is that when trying to extract trace context from malformed unicode, the code logs audited headers/values using the nlohmann JSON library and triggers an uncaught exception, causing a crash. The vulnerability has been p...
Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing 3.2.1 operator containers security update
Red Hat OpenShift distributed tracing 3.2.1 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing 3.2.0 operator/operand containers update
Red Hat OpenShift distributed tracing 3.2.0 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Moderate: Red Hat Security Advisory: Red Hat OpenShift distributed tracing 3.1.1 operator/operand containers
Red Hat OpenShift distributed tracing 3.1.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Low: Red Hat Security Advisory: Red Hat OpenShift distributed tracing 3.1.0 operator/operand containers
Red Hat OpenShift distributed tracing 3.1.0 Red Hat Product Security has rated this update as having a security impact of "Low". A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing 3.0.0 operator/operand containers
Red Hat OpenShift distributed tracing 3.0.0 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing 2.9.0 containers security update
An update is now available for Red Hat Openshift distributed tracing 2.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing security update
An update is now available for Red Hat Openshift distributed tracing 2.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...