github.com/grafana/tempo-operator

Go2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/grafana/tempo-operatorpage 1 of 1

CVE-2025-2786MEDIUMCVSS 4.3EG 4.3✓ Fixed in 0.16.0
2025-04-02
A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract…
CVE-2025-2842MEDIUMCVSS 4.3EG 4.3✓ Fixed in 0.16.0
2025-04-02
A flaw was found in the Tempo Operator. When the Jaeger UI Monitor Tab functionality is enabled in a Tempo instance managed by the Tempo Operator, the Operator creates a ClusterRoleBinding for the Service Account of the Tempo instance to g…

Check whether github.com/grafana/tempo-operator is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/grafana/tempo-operator CVEs against the assets you own.

Start Free Scan →