Advisories for Golang/Github.com/Jaegertracing/Jaeger package

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in github.com/jaegertracing/jaeger.

Sensitive information written to a log file vulnerability was found in jaegertracing/jaeger before version 1.18.1 when the Kafka data store is used. This flaw allows an attacker with access to the container's log file to discover the Kafka credentials.

Sensitive information written to a log file vulnerability was found in jaegertracing/jaeger when the Kafka data store is used. This flaw allows an attacker with access to the container's log file to discover the Kafka credentials.