VYPR

apk package

chainguard/opentelemetry-collector-ocb-fips

pkg:apk/chainguard/opentelemetry-collector-ocb-fips

Vulnerabilities (44)

  • CVE-2024-35255Jun 11, 2024
    affected < 0.103.0-r0fixed 0.103.0-r0

    Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability

  • CVE-2024-36129Jun 5, 2024
    affected < 0.102.1-r0fixed 0.102.1-r0

    The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. OTel Collector version 0.102.1

  • CVE-2024-24788MedMay 8, 2024
    affected < 0.100.0-r1fixed 0.100.0-r1

    A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.

  • CVE-2019-3826Mar 26, 2019
    affected < 0fixed 0

    A stored, DOM based, cross-site scripting (XSS) flaw was found in Prometheus before version 2.7.1. An attacker could exploit this by convincing an authenticated user to visit a crafted URL on a Prometheus server, allowing for the execution and persistent storage of arbitrary scri

Page 3 of 3