Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Opentelemetry Collector Security Vulnerabilities

cve
cve

CVE-2024-36129

The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. OTel Collector version 0.102.1 fixes this issue. ...

8.2CVSS

8.1AI Score

0.001EPSS

2024-06-05 06:15 PM
37
cve
cve

CVE-2024-42368

OpenTelemetry, also known as OTel, is a vendor-neutral open source Observability framework for instrumenting, generating, collecting, and exporting telemetry data such as traces, metrics, and logs. The bearertokenauth extension's server authenticator performs a simple, non-constant time string comp...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-08-13 08:15 PM
22
cve
cve

CVE-2024-45043

The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. awsfirehosereceiver allows unauthenticated remote requests, even when configured to require a key. OpenT...

5.3CVSS

7.2AI Score

0.0004EPSS

2024-08-28 08:15 PM
30