github.com/cortexproject/cortex is vulnerable to information disclosure. The vulnerability exists in multiple functions of api.go
due to a lack of proper validation in OpsGenie
alert manager configuration which allows an attacker to gain access to sensitive information.
cortexmetrics.io/docs/api/#set-alertmanager-configuration
github.com/advisories/GHSA-cq2g-pw6q-hf7j
github.com/cortexproject/cortex/commit/07b57bc860263dd0093098d16fc16ae348c74857
github.com/cortexproject/cortex/commit/737887a50d0f7a7debc66472414eda54c041201c
github.com/cortexproject/cortex/pull/5045
github.com/cortexproject/cortex/releases/tag/v1.13.2
github.com/cortexproject/cortex/releases/tag/v1.14.1
github.com/cortexproject/cortex/security/advisories/GHSA-cq2g-pw6q-hf7j