11 matches found
GHSA-F696-867G-2759 Jenkins OpenTelemetry Plugin missing permission check allows capturing credentials
A missing permission check in Jenkins OpenTelemetry Plugin 3.1543.v8446b92bcd64 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2025-58460
A missing permission check in Jenkins OpenTelemetry Plugin 3.1543.v8446b92bcd64 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2025-58460
The CVE concerns the Jenkins OpenTelemetry Plugin (versions up to 3.1543.v8446b_92b_cd64) with a missing permission check. This allows attackers who have Overall/Read to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, enabling capture...
Jenkins OpenTelemetry Plugin 安全漏洞
Jenkins OpenTelemetry Plugin is an open source monitoring plugin for Jenkins. A security vulnerability exists in Jenkins OpenTelemetry Plugin 3.1543.v8446b92bcd64 and prior versions, which stems from a lack of privilege checking and could lead to credential disclosure...
PT-2025-35782
Name of the Vulnerable Software and Affected Versions: Jenkins OpenTelemetry Plugin versions 3.1543.v8446b 92b cd64 and earlier Description: A missing permission check allows attackers with Overall/Read permission to connect to a URL specified by the attacker, using credentials IDs obtained throu...
BIT-FLUENT-BIT-2024-50609
An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access to the...
CVE-2024-50609
An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access to the...
CVE-2024-50609
An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access to the...
CVE-2024-50609
An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access to the...
PT-2025-6703 · Unknown +1 · Fluent-Bit +1
Name of the Vulnerable Software and Affected Versions: Fluent Bit version 3.1.9 Description: An issue was discovered in Fluent Bit when the OpenTelemetry input plugin is running and listening on an IP address and port. A user with access to the endpoint can send a packet with Content-Length: 0 an...
Observing Spin Apps with OpenTelemetry and the .NET Aspire Dashboard
Observe Spin apps locally using automatic instrumentation, the otel plug-in, and the .NET Aspire dashboard for logs, metrics, and traces...