761 matches found
CVE-2024-45043
The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. awsfirehosereceiver allows unauthenticated remote requests, even when configured to require a key...
CVE-2024-55886
OpenSearch Data Prepper is a component of the OpenSearch project that accepts, filters, transforms, enriches, and routes data at scale. A vulnerability exists in the OpenTelemetry Logs source in Data Prepper starting inversion 2.1.0 and prior to version 2.10.2 where some custom authentication...
CVE-2023-43810
OpenTelemetry, also known as OTel for short, is a vendor-neutral open-source Observability framework for instrumenting, generating, collecting, and exporting telemetry data such as traces, metrics, logs. Autoinstrumentation out of the box adds the label httpmethod that has unbound cardinality. It...
RHSA-2025:7479 Red Hat Security Advisory: opentelemetry-collector security update
Bulletin has no description...
RHSA-2025:7407 Red Hat Security Advisory: opentelemetry-collector security update
Bulletin has no description...
Important: Red Hat Security Advisory: opentelemetry-collector security update
An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: opentelemetry-collector security update
An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 9 : opentelemetry-collector (RHSA-2025:7407)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7407 advisory. Collector with the supported components for a Red Hat build of OpenTelemetry Security Fixes: go-jose: Go JOSE's Parsing Vulnerable to Denial...
BIT-FLUENT-BIT-2024-50609
An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access to the...
Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 279. Vulnerability Details CVEID:CVE-2024-24790 DESCRIPTION: An unspecified error related to various Is methods IsPrivate, IsLoopback, etc did not work as expected for...
RHEL 9 : opentelemetry-collector (RHSA-2025:3698)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:3698 advisory. Collector with the supported components for a Red Hat build of OpenTelemetry Security Fixes: golang-jwt/jwt: jwt-go allows excessive memory allocatio...
RHSA-2025:3698 Red Hat Security Advisory: opentelemetry-collector security update
Bulletin has no description...
Important: Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.5.1 release
Red Hat build of OpenTelemetry 3.5.1 has been released Release of Red Hat OpenShift distributed tracing provides following security improvements, bug fixes, and new features. Breaking changes: Nothing Deprecations: Nothing Technology Preview features: Nothing Enhancements: Nothing Bug fixes:...
Important: Red Hat Security Advisory: opentelemetry-collector security update
An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
RHEL 9 : opentelemetry-collector (RHSA-2025:3411)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:3411 advisory. Collector with the supported components for a Red Hat build of OpenTelemetry Security Fixes: golang-jwt/jwt: jwt-go allows excessive memory allocatio...
RHEL 9 : opentelemetry-collector (RHSA-2025:3593)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:3593 advisory. Collector with the supported components for a Red Hat build of OpenTelemetry Security Fixes: golang: net/http: net/http: sensitive headers...
RHSA-2025:3593 Red Hat Security Advisory: opentelemetry-collector security update
Bulletin has no description...
opentelemetry-collector bug fix and enhancement update
An update is available for opentelemetry-collector. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
Important: Red Hat Security Advisory: opentelemetry-collector security update
An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Security Bulletin: IBM CloudPak for Data Scheduling Service is vulernable to CVE-2024-36129.
Summary OpenTelemetry Collector is used by the CP4D Scheduling Service for telemetry collection. CVE-2024-36129. Vulnerability Details CVEID:CVE-2024-36129 DESCRIPTION: OpenTelemetry OpenTelemetry Collector is vulnerable to a denial of service, caused by an unsafe decompression vulnerability. By...