5 matches found
EUVD-2024-2627
Malicious code in bioql PyPI...
GHSA-PRF6-XJXH-P698 OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability
Summary OpenTelemetry Collector module awsfirehosereceiver allows unauthenticated remote requests, even when configured to require a key. OpenTelemetry Collector can be configured to receive CloudWatch metrics via an AWS Firehose Stream. Firehose sets the header X-Amz-Firehose-Access-Key with an...
CVE-2024-45043
The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. awsfirehosereceiver allows unauthenticated remote requests, even when configured to require a key...
CVE-2024-45043
CVE-2024-45043 – OpenTelemetry Collector AWS Firehose Receiver Authentication Bypass Affected component: OpenTelemetry Collector Contrib awsfirehosereceiver (alpha module). Issue: when configured to require an access key (X-Amz-Firehose-Access-Key), the receiver still accepts requests with no key...
CVE-2023-43784
Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to an Amazon AWS Firehose component. NOTE: the vendor's position is that there is no security threat...