761 matches found
CVE-2026-24051
OpenTelemetry-Go is the Go implementation of OpenTelemetry. The OpenTelemetry Go SDK in version v1.20.0-1.39.0 is vulnerable to Path Hijacking Untrusted Search Paths on macOS/Darwin systems. The resource detection code in sdk/resource/hostid.go executes the ioreg system command using a search pat...
OpenTelemetry Go SDK Vulnerable to Arbitrary Code Execution via PATH Hijacking
Impact The OpenTelemetry Go SDK in version v1.20.0-1.39.0 is vulnerable to Path Hijacking Untrusted Search Paths on macOS/Darwin systems. The resource detection code in sdk/resource/hostid.go executes the ioreg system command using a search path. An attacker with the ability to locally modify the...
OpenTelemetry-Go 代码问题漏洞
OpenTelemetry-Go is an open-source developer toolkit developed by OpenTelemetry - CNCF. Versions of OpenTelemetry-Go from 1.20.0 to 1.39.0 have code vulnerabilities. These vulnerabilities stem from path hijacking during the execution of the ioreg command in resource detection code, which may lead...
PT-2026-5718
Name of the Vulnerable Software and Affected Versions OpenTelemetry-Go versions 1.20.0 through 1.39.0 Description The OpenTelemetry Go SDK versions 1.20.0 through 1.39.0 are susceptible to a path hijacking issue on macOS/Darwin systems. The resource detection code in sdk/resource/host id.go...
Important: Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.8.2 release
Red Hat build of OpenTelemetry 3.8.2 has been released This release of the Red Hat build of OpenTelemetry provides new features, security improvements, and bug fixes. Breaking changes: Nothing Deprecations: Nothing Technology Preview features: Nothing Enhancements: Nothing Bug fixes:...
CVE-2026-23886 Swift W3C TraceContext has malformed HTTP header that can cause a crash
Swift W3C TraceContext is a Swift implementation of the W3C Trace Context standard, and Swift OTel is an OpenTelemetry Protocol OTLP backend for Swift Log, Swift Metrics, and Swift Distributed Tracing. Prior to Swift W3C TraceContext version 1.0.0-beta.5 and Swift OTel version 1.0.4, a...
PT-2026-3508
Name of the Vulnerable Software and Affected Versions Swift W3C TraceContext versions prior to 1.0.0-beta.5 Swift OTel versions prior to 1.0.4 Description A flaw exists in Swift W3C TraceContext and Swift OTel due to insufficient input validation. This can lead to a denial-of-service condition,...
RHSA-2026:0514 Red Hat Security Advisory: opentelemetry-collector security update
Bulletin has no description...
RHSA-2026:0513 Red Hat Security Advisory: opentelemetry-collector security update
Bulletin has no description...
RHSA-2026:0512 Red Hat Security Advisory: opentelemetry-collector security update
Bulletin has no description...
Important: Red Hat Security Advisory: opentelemetry-collector security update
An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: opentelemetry-collector security update
An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: opentelemetry-collector security update
An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
MiracleLinux 9 : opentelemetry-collector-0.135.0-2.el9_7 (AXSA:2025-11627:08)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-11627:08 advisory. github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation CVE-2025-68156 Tenable has extracted the preceding...
MiracleLinux 9 : opentelemetry-collector-0.127.0-1.el9_6 (AXSA:2025-10719:05)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10719:05 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block...
MiracleLinux 9 : opentelemetry-collector-0.127.0-2.el9_6 (AXSA:2025-10876:06)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10876:06 advisory. net/http: Sensitive headers not cleared on cross-origin redirect in net/http CVE-2025-4673 Tenable has extracted the preceding description block directly fr...
MiracleLinux 9 : opentelemetry-collector-0.107.0-10.el9_5 (AXSA:2025-9839:03)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9839:03 advisory. golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing CVE-2025-30204 Tenable has extracted the preceding description block directly...
GHSA-FHC2-8QX8-6VJ7 vulnerabilities
Vulnerabilities for packages: splunk-otel-collector...
CVE-2025-5999 vulnerabilities
Vulnerabilities for packages: splunk-otel-collector-fips, splunk-otel-collector...
GHSA-MR4H-QF9J-F665 vulnerabilities
Vulnerabilities for packages: splunk-otel-collector-fips, splunk-otel-collector...