761 matches found
CVE-2024-50609
An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access to the...
CVE-2024-50609
An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access to the...
CVE-2024-50609
An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access to the...
PT-2025-6703 · Unknown +1 · Fluent-Bit +1
Name of the Vulnerable Software and Affected Versions: Fluent Bit version 3.1.9 Description: An issue was discovered in Fluent Bit when the OpenTelemetry input plugin is running and listening on an IP address and port. A user with access to the endpoint can send a packet with Content-Length: 0 an...
Security update golang-github-prometheus-prometheus
golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3 jscPED-11649: Security issues fixed: CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling bsc1232970 Highlights of other changes: Performance: Significant enhancements to PromQL execution speed,...
Security update for SUSE Manager Client Tools
This update fixes the following issues: dracut-saltboot was updated to version 0.1.1728559936.c16d4fb: Added MAC based terminal naming option jscSUMA-314 golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3 jscPED-11649: Security issues fixed: CVE-2024-51744: Updated...
Azure Linux 3.0 Security Update: cri-tools / docker-buildx / kubernetes / opa / prometheus (CVE-2023-45142)
The version of cri-tools / docker-buildx / kubernetes / opa / prometheus installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45142 advisory. - OpenTelemetry-Go Contrib is a collection of third-party...
Azure Linux 3.0 Security Update: containerd / cri-tools / docker-buildx / docker-compose / moby-containerd-cc (CVE-2023-47108)
The version of containerd / cri-tools / docker-buildx / docker-compose / moby-containerd-cc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-47108 advisory. - OpenTelemetry-Go Contrib is a collecti...
Important: Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.4 release
A new version of Red Hat build of OpenTelemetry has been released Red Hat build of OpenTelemetry is a collection of tools, APIs, and SDKs. You use it to instrument, generate, collect, and export telemetry data metrics, logs, and traces for analysis in order to understand your software's performan...
CVE-2024-55886
OpenSearch Data Prepper is a component of the OpenSearch project that accepts, filters, transforms, enriches, and routes data at scale. A vulnerability exists in the OpenTelemetry Logs source in Data Prepper starting inversion 2.1.0 and prior to version 2.10.2 where some custom authentication...
CVE-2024-55886 OpenTelemetry Logs source may lack authentication with some custom plugins
OpenSearch Data Prepper is a component of the OpenSearch project that accepts, filters, transforms, enriches, and routes data at scale. A vulnerability exists in the OpenTelemetry Logs source in Data Prepper starting inversion 2.1.0 and prior to version 2.10.2 where some custom authentication...
CVE-2024-55886 OpenTelemetry Logs source may lack authentication with some custom plugins
OpenSearch Data Prepper is a component of the OpenSearch project that accepts, filters, transforms, enriches, and routes data at scale. A vulnerability exists in the OpenTelemetry Logs source in Data Prepper starting inversion 2.1.0 and prior to version 2.10.2 where some custom authentication...
CVE-2024-55886 OpenTelemetry Logs source may lack authentication with some custom plugins
OpenSearch Data Prepper is a component of the OpenSearch project that accepts, filters, transforms, enriches, and routes data at scale. A vulnerability exists in the OpenTelemetry Logs source in Data Prepper starting inversion 2.1.0 and prior to version 2.10.2 where some custom authentication...
CVE-2024-55886
The CVE affects OpenSearch Data Prepper (OpenTelemetry Logs source) where custom GrpcAuthenticationProvider plugins that implement getHttpAuthenticationService() instead of getAuthenticationInterceptor() fail to perform authentication, allowing unauthorized data ingestion. Affected versions: 2.1....
OpenSearch Data Prepper 授权问题漏洞
OpenSearch Data Prepper is a component of the OpenSearch project, an OpenSearch open source project. An authorization issue vulnerability exists in OpenSearch Data Prepper version 2.1.0 through versions prior to 2.10.2, which stems from a vulnerability in which certain custom authentication...
PT-2024-36601
Name of the Vulnerable Software and Affected Versions OpenSearch Data Prepper versions 2.1.0 through 2.10.1 Description A vulnerability exists in the OpenTelemetry Logs source in Data Prepper where some custom authentication plugins will not perform authentication, allowing unauthorized users to...
MAL-2024-11761 Malicious code in @opentelemetrya/api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 77badbd499b685fa4658fe6151a9114e22077b0c7e1abb08079acc02c5b044ea The OpenSSF Package Analysis project identified '@opentelemetrya/api' @ 9.9.9 npm as malicious. It is considered malicious because: - The packag...
Fedora: Security Advisory (FEDORA-2024-e7bb8bc2da)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 41 : golang-opentelemetry-contrib / golang-opentelemetry-otel (2024-971a3a4ef7)
The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-971a3a4ef7 advisory. Update opentelemetry stack to 1.17 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.38 bug fix and security update
Red Hat OpenShift Container Platform release 4.15.38 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...