OpenTelemetry Collector Contrib 信任管理问题漏洞

OpenTelemetry Collector Contrib is an extensible telemetry data collection component library developed by OpenTelemetry - CNCF. Versions of OpenTelemetry Collector Contrib prior to 1.1.0 contained a trust management vulnerability. This vulnerability stemmed from the lack of validation of HTTPS/TL...

OpenTelemetry Collector Contrib 安全漏洞

OpenTelemetry Collector Contrib is an extensible telemetry data collection component library developed under OpenTelemetry - CNCF. There are security vulnerabilities in versions 0.124.0 to 0.150.0 of OpenTelemetry Collector Contrib. These vulnerabilities stem from the Authenticate method not...

CVE-2026-32285 vulnerabilities

Vulnerabilities for packages: nfpm, dagger, datadog-agent, kubevela, dgraph, malcontent, opentelemetry-collector-contrib, opentelemetry-collector, grafana-alloy, teleport, tempo, weaviate, gitlab-runner, goreleaser, redpanda, loki, k3s, terraform-mcp-server, minio, eksctl, rclone, witness,...

ROS-20260327-73-0013

Vulnerability in opentelemetry-collector-contrib related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260327-73-0014

Vulnerability in opentelemetry-collector-contrib related to incorrect resource initialization. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

GHSA-9MJ6-HXHV-W67J vulnerabilities

Vulnerabilities for packages: telegraf, amazon-cloudwatch-agent, sqlexporter, splunk-otel-collector, jitsucom-bulker, argo-events, dapr, opentelemetry-collector-contrib, bento, cluster-api-aws-controller, grafana-alloy...

CVE-2025-63811 vulnerabilities

Vulnerabilities for packages: amazon-cloudwatch-agent-fips, dapr-fips, argo-events, grafana-alloy, splunk-otel-collector-fips, dapr, telegraf, sqlexporter-fips, sqlexporter, argo-events-fips, opentelemetry-collector-contrib, vault-fips, cluster-api-aws-controller, bento,...

GHSA-JFVP-7X6P-H2PV vulnerabilities

Vulnerabilities for packages: grype, kubernetes, docker, buildah, runc, opentelemetry-collector-contrib, neuvector-scanner, grafana-alloy, podman, syft, cadvisor, k3s, k8s-device-plugin, ctop...

CVE-2024-45310 vulnerabilities

Vulnerabilities for packages: grype, kubernetes, docker, buildah, runc, opentelemetry-collector-contrib, neuvector-scanner, grafana-alloy, podman, syft, cadvisor, k3s, k8s-device-plugin, ctop...

GO-2024-3102 OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability in github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver

OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability in github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver...

GHSA-V23V-6JW2-98FQ vulnerabilities

Vulnerabilities for packages: neuvector-sigstore-interface, aactl, nerdctl, trivy, dagger, harbor-scanner-trivy, datadog-agent, kaniko, kots, chartmuseum, paranoia, wolfictl, opentelemetry-collector-contrib, opentelemetry-collector, flux-helm-controller, grafana-alloy, neuvector-scanner, ctop,...

CVE-2024-35255 vulnerabilities

Vulnerabilities for packages: trino, rook, trivy, datadog-agent, restic, py3-cassandra-medusa, opentelemetry-collector-contrib, opentelemetry-collector, hugo, rekor, wal-g, cluster-autoscaler, py3-azure-identity, boring-registry, policy-controller, cosign, tkn, tempo, harbor-registry, zot,...

GHSA-87M9-RV8P-RGMG vulnerabilities

Vulnerabilities for packages: tempo, datadog-agent, opentelemetry-collector-contrib, opentelemetry-collector, spicedb...

GHSA-2CGQ-H8XW-2V5J vulnerabilities

Vulnerabilities for packages: ctop, cadvisor, neuvector-scanner, opentelemetry-collector-contrib, cadvisor-fips, kubernetes, kubernetes-fips, buildah, wolfictl, grype, opentelemetry-collector-contrib-fips...

CVE-2024-3154 vulnerabilities

Vulnerabilities for packages: ctop, cadvisor, neuvector-scanner, opentelemetry-collector-contrib, cadvisor-fips, kubernetes, kubernetes-fips, buildah, wolfictl, grype, opentelemetry-collector-contrib-fips...