VDB
RHSA-2022%3A0318
RHSA-2022%3A0318
PUBLISHED
CVSS 7.300000190734863 HIGH
A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Risk Scores
CVSS 3.1
7.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le, rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le |
| Red Hat | rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64 as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64, rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64 |
| Red Hat | rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64 as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64, rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64 |
| Red Hat | rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x, rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x |
| Red Hat | rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x as a component of Red Hat OpenShift distributed tracing 2.1 | *, rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x |
| Red Hat | rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64 as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64, rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64 |
| Red Hat | rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64 as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64 |
| Red Hat | rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x |
| Red Hat | rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64 as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64 |
| Red Hat | rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x |
| Red Hat | rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64 as a component of Red Hat OpenShift distributed tracing 2.1 | *, rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64 |
| Red Hat | rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x as a component of Red Hat OpenShift distributed tracing 2.1 | * |
| Red Hat | rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64 as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64 |
| Red Hat | rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1 | *, rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le |
| Red Hat | rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64 as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64, rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64 |
| Red Hat | rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64 as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64 |
| Red Hat | rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le |
| Red Hat | rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x as a component of Red Hat OpenShift distributed tracing 2.1 | *, * |
| Red Hat | rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le |
| Red Hat | rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x as a component of Red Hat OpenShift distributed tracing 2.1 | rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x, * |
…and 52 more
Timeline
- Jan 27, 2022 CVE Published
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Distribution Patch
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 29, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2022:0318 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1992006 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1995656 issue
- https://issues.redhat.com/browse/TRACING-2235 advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0318.json advisory
- https://access.redhat.com/security/cve/CVE-2021-29923 advisory
- https://www.cve.org/CVERecord?id=CVE-2021-29923 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-29923 advisory
- https://sick.codes/sick-2021-016/ advisory
- https://access.redhat.com/security/cve/CVE-2021-36221 advisory
- https://www.cve.org/CVERecord?id=CVE-2021-36221 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-36221 advisory
- https://groups.google.com/g/golang-announce/c/uHACNfXAZqk advisory