Lucene search
K

10 matches found

Circl
Circl
added 2025/06/04 10:18 p.m.6 views

CVE-2024-36129

creationtimestamp| type| source ---|---|--- 2025-06-04 22:18:38+00:00| seen| https://gist.github.com/halcyondude/66828e4acd89fd2975183ac3c839381d...

8.2CVSS6.8AI score0.00994EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/02 3:26 p.m.5 views

Security Bulletin: IBM CloudPak for Data Scheduling Service is vulernable to CVE-2024-36129.

Summary OpenTelemetry Collector is used by the CP4D Scheduling Service for telemetry collection. CVE-2024-36129. Vulnerability Details CVEID:CVE-2024-36129 DESCRIPTION: OpenTelemetry OpenTelemetry Collector is vulnerable to a denial of service, caused by an unsafe decompression vulnerability. By...

8.2CVSS7AI score0.00994EPSS
Exploits1Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2024/10/31 12:0 a.m.4 views

alloy-1.4.3-1.1 on GA media (moderate)

alloy-1.4.3-1.1 on GA media Announcement ID: openSUSE-SU-2024:14439-1 Rating: moderate Cross-References: CVE-2024-36129 CVE-2024-8975 Affected Products: openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. Description: These are all security issues fixed in the...

8.2CVSS7AI score0.00994EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/09/09 12:0 a.m.65 views

Amazon Linux 2023 : amazon-cloudwatch-agent (ALAS2023-2024-708)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-708 advisory. Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability CVE-2024-35255 The OpenTelemetry Collector offers a vendor-agnostic implementation on how to...

9.9CVSS7.4AI score0.16496EPSS
Exploits1References10
Amazon
Amazon
added 2024/09/05 12:0 a.m.27 views

Important: amazon-cloudwatch-agent

Issue Overview: Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability CVE-2024-35255 The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows...

9.9CVSS7.5AI score0.16496EPSS
Exploits1
Amazon
Amazon
added 2024/09/04 12:0 a.m.8 views

Important: amazon-cloudwatch-agent

Issue Overview: Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability CVE-2024-35255 The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows...

9.9CVSS7.4AI score0.16496EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/06/17 9:24 a.m.22 views

Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing 3.2.1 operator containers security update

Red Hat OpenShift distributed tracing 3.2.1 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

8.2CVSS7.3AI score0.00994EPSS
Exploits1References3
OSV
OSV
added 2024/06/10 6:36 p.m.25 views

GHSA-87M9-RV8P-RGMG go-grpc-compression has a zstd decompression bombing vulnerability

Impact A malicious user could cause a denial of service DoS when using a specially crafted gRPC request. The decompression mechanism for zstd did not respect the limits imposed by gRPC, allowing rapid memory usage increases. Versions v1.1.4 through to v1.2.2 made use of the Decoder.DecodeAll...

7.5CVSS7.5AI score
Exploits0References4
Wolfi
Wolfi
added 2024/06/05 6:15 p.m.142 views

CVE-2024-36129 vulnerabilities

Vulnerabilities for packages: tempo, opentelemetry-collector-contrib, opentelemetry-collector, datadog-agent...

8.2CVSS7AI score0.00994EPSS
Exploits1
NVD
NVD
added 2024/06/05 6:15 p.m.16 views

CVE-2024-36129

The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. OTel Collector version 0.102.1 fixes this issue...

8.2CVSS8.2AI score0.00994EPSS
Exploits1References4
Rows per page
Query Builder