17 matches found
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: opentelemetry-collector-contrib: opentelemetry-collector-contrib-0.155.0-0.1.hum1 aarch64, x8664 opentelemetry-collector-contrib-0.155.0-0.1.hum1.src src...
CLEANSTART-2026-MC76610 Security fixes for CVE-2026-27145, CVE-2026-33816, CVE-2026-34986, CVE-2026-39821, CVE-2026-39824, CVE-2026-39883, CVE-2026-41602, CVE-2026-42504, CVE-2026-42507, CVE-2026-46595, ghsa-6g7g-w4f8-9c9x, ghsa-p77j-4mvh-x3m3, ghsa-xmrv-pmrh-hhx2 applied in versions: 0.144.0-r3, 0.144.0-r4, 0.150.0-r0, 0.150.0-r1
Multiple security vulnerabilities affect the opentelemetry-collector-contrib package. These issues are resolved in later releases. See references for individual vulnerability details...
OpenTelemetry Collector Contrib 信任管理问题漏洞
OpenTelemetry Collector Contrib is an extensible telemetry data collection component library developed by OpenTelemetry - CNCF. Versions of OpenTelemetry Collector Contrib prior to 1.1.0 contained a trust management vulnerability. This vulnerability stemmed from the lack of validation of HTTPS/TL...
OpenTelemetry Collector Contrib 安全漏洞
OpenTelemetry Collector Contrib is an extensible telemetry data collection component library developed under OpenTelemetry - CNCF. There are security vulnerabilities in versions 0.124.0 to 0.150.0 of OpenTelemetry Collector Contrib. These vulnerabilities stem from the Authenticate method not...
CVE-2026-32285 vulnerabilities
Vulnerabilities for packages: teleport, grafana, malcontent, weaviate, terraform-mcp-server, loki, goreleaser, lazygit, minio, datadog-agent, cri-tools, k8sgpt, grafana-alloy, opentelemetry-collector, opentelemetry-collector-contrib, tempo, gitlab-runner, maru, kubevela, nfpm, terragrunt,...
ROS-20260327-73-0014
Vulnerability in opentelemetry-collector-contrib related to incorrect resource initialization. Exploitation of the vulnerability may allow an attacker to cause a denial of service...
ROS-20260327-73-0013
Vulnerability in opentelemetry-collector-contrib related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
GHSA-9MJ6-HXHV-W67J vulnerabilities
Vulnerabilities for packages: sqlexporter, grafana-alloy, opentelemetry-collector-contrib, cluster-api-aws-controller, bento, dapr, telegraf, amazon-cloudwatch-agent, argo-events, splunk-otel-collector, jitsucom-bulker...
CVE-2025-63811 vulnerabilities
Vulnerabilities for packages: vault-fips, amazon-cloudwatch-agent, amazon-cloudwatch-agent-fips, dapr-fips, argo-events-fips, splunk-otel-collector-fips, telegraf, bento, sqlexporter-fips, argo-events, jitsucom-bulker, opentelemetry-collector-contrib, vault, dapr, cluster-api-aws-controller,...
GHSA-JFVP-7X6P-H2PV vulnerabilities
Vulnerabilities for packages: grafana-alloy, opentelemetry-collector-contrib, k3s, buildah, cadvisor, docker, kubernetes, syft, k8s-device-plugin, podman, neuvector-scanner, grype, runc, ctop...
CVE-2024-45310 vulnerabilities
Vulnerabilities for packages: grafana-alloy, opentelemetry-collector-contrib, k3s, buildah, cadvisor, docker, kubernetes, syft, k8s-device-plugin, podman, neuvector-scanner, grype, runc, ctop...
GO-2024-3102 OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability in github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver
OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability in github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver...
GHSA-V23V-6JW2-98FQ vulnerabilities
Vulnerabilities for packages: flux, guac, bom, flux-image-reflector-controller, kpt, skaffold, buildkitd, k9s, falcoctl, goreleaser, scorecard, syft, newrelic-infrastructure-agent, cosign, zarf, ko, skopeo, datadog-agent, timoni, trivy, paranoia, cri-tools, harbor-scanner-trivy, k8sgpt,...
CVE-2024-35255 vulnerabilities
Vulnerabilities for packages: flux, guac, bank-vaults, flux-image-reflector-controller, step-ca, sqlpad, trino, py3-cassandra-medusa, buildkitd, py3-azure-identity, falcoctl, goreleaser, grafana-agent-operator, hugo-extended, airflow, cosign, timestamp-authority, velero, zarf, thanos,...
GHSA-87M9-RV8P-RGMG vulnerabilities
Vulnerabilities for packages: opentelemetry-collector, tempo, spicedb, opentelemetry-collector-contrib, datadog-agent...
GHSA-2CGQ-H8XW-2V5J vulnerabilities
Vulnerabilities for packages: ctop, kubernetes, buildah, cadvisor, neuvector-scanner, cadvisor-fips, kubernetes-fips, grype, wolfictl, opentelemetry-collector-contrib-fips, opentelemetry-collector-contrib...
CVE-2024-3154 vulnerabilities
Vulnerabilities for packages: ctop, kubernetes, buildah, cadvisor, neuvector-scanner, cadvisor-fips, kubernetes-fips, grype, wolfictl, opentelemetry-collector-contrib-fips, opentelemetry-collector-contrib...