CVE-2026-24051 OpenTelemetry-Go Affected by Arbitrary Code Execution via PATH Hijacking

OpenTelemetry-Go is the Go implementation of OpenTelemetry. The OpenTelemetry Go SDK in version v1.20.0-1.39.0 is vulnerable to Path Hijacking Untrusted Search Paths on macOS/Darwin systems. The resource detection code in sdk/resource/hostid.go executes the ioreg system command using a search pat...

Duplicate Advisory: weaviate denial of service vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8697-479h-5mfp. This link is maintained to preserve external references. Original Description An issue in weaviate v.1.20.0 allows a remote attacker to cause a denial of service via the...

CVE-2023-38976

An issue in weaviate v.1.20.0 allows a remote attacker to cause a denial of service via the handleUnbatchedGraphQLRequest function...

Denial of service

An issue in weaviate v.1.20.0 allows a remote attacker to cause a denial of service via the handleUnbatchedGraphQLRequest function...

CVE-2023-38976

An issue in weaviate v.1.20.0 allows a remote attacker to cause a denial of service via the handleUnbatchedGraphQLRequest function...

Kubernetes client-go vulnerable to Sensitive Information Leak via Log File

In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects = v1.19.5, = v1.18.13, = v1.17.15, v1.20.0-alpha2...

Insertion of Sensitive Information into Log File

In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects = v1.19.3, = v1.18.10, = v1.17.13, v1.20.0-alpha2...

CVE-2020-8565

In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects = v1.19.3, = v1.18.10, = v1.17.13, v1.20.0-alpha2...

CVE-2020-8565 Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9

In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects = v1.19.3, = v1.18.10, = v1.17.13, v1.20.0-alpha2...

CVE-2020-8565

CVE-2020-8565 affects Kubernetes components (notably API server and kubectl output) where, at logging level 9 or higher, authorization and bearer tokens are written to log files. Public-visibility details in connected docs confirm impact on multiple Kubernetes versions, including <= v1.19.3, &...