VYPR

Go modules package

github.com/open-telemetry/opentelemetry-collector-contrib/extension/azureauthextension

pkg:golang/github.com/open-telemetry/opentelemetry-collector-contrib/extension/azureauthextension

Vulnerabilities (1)

  • CVE-2026-42602HigMay 13, 2026
    affected >= 0.124.0, <= 0.150.0

    azureauthextension is the Azure Authenticator Extension. From 0.124.0 to 0.150.0, a server-side authentication bypass in azureauthextension allows any party who holds a single valid Azure access token for any scope the collector's configured identity can mint for to authenticate