opentelemetry-collector-contrib vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the opentelemetry-collector-contrib package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
L GHSA-fv92-fjc5-jj9h	<0.128.0-r1
L GHSA-6jgm-j7h2-2fqg	<0.125.0-r1
H Time-of-check Time-of-use (TOCTOU)	<0.125.0-r1
L Asymmetric Resource Consumption (Amplification)	<0.122.0-r2
L GHSA-mh63-6h87-95cp	<0.122.0-r2
L GHSA-2cgq-h8xw-2v5j	<0.122.0-r1
L GHSA-c5pj-mqfh-rvc3	<0.122.0-r1
L GHSA-33c5-9fx5-fvjm	<0.122.0-r1
L GHSA-29wx-vh33-7x7r	<0.122.0-r1
M Open Redirect	<0.122.0-r1
L Improper Handling of Exceptional Conditions	<0.122.0-r1
L Arbitrary Command Injection	<0.122.0-r1
L Allocation of Resources Without Limits or Throttling	<0.122.0-r0
L GHSA-93mq-9ffx-83m2	<0.122.0-r0
L CVE-2025-22870	<0.121.0-r1
L GHSA-qxp5-gwg8-xv66	<0.121.0-r1
L CVE-2025-22866	<0.119.0-r1
L GHSA-3whm-j4xm-rv8x	<0.119.0-r1
L CVE-2024-45338	<0.116.0-r1
L GHSA-w32m-9786-jp63	<0.116.0-r1
L GHSA-v778-237x-gjrc	<0.115.0-r1
L CVE-2024-45337	<0.115.0-r1
L GHSA-crqm-pwhx-j97f	<0.109.0-r0
L GHSA-8xfx-rj4p-23jm	<0.109.0-r0
L CVE-2024-34156	<0.109.0-r0
L CVE-2024-34155	<0.109.0-r0
L GHSA-j7vj-rw65-4v26	<0.109.0-r0
L CVE-2024-34158	<0.109.0-r0
L GHSA-jfvp-7x6p-h2pv	<0.108.0-r1
L CVE-2024-45310	<0.108.0-r1
L CVE-2024-41110	<0.105.0-r0
L GHSA-v23v-6jw2-98fq	<0.105.0-r0
L GHSA-xr7q-jx4m-x55m	<0.104.0-r2
L GHSA-hw49-2p59-3mhj	<0.104.0-r1
L CVE-2024-24791	<0.104.0-r1
L GHSA-v6v8-xj6m-xwqh	<0.103.0-r1
M Information Exposure Through Log Files	<0.103.0-r1
L GHSA-m5vv-6r4h-3vj9	<0.102.0-r4
M Race Condition	<0.102.0-r4
L GHSA-87m9-rv8p-rgmg	<0.102.0-r3
L GHSA-c74f-6mfw-mm4v	<0.102.0-r2
H Out-of-Bounds	<0.102.0-r2
L CVE-2023-45288	<0.98.0-r0
L GHSA-4v7x-pqxf-cx7m	<0.98.0-r0

Vulnerability

Vulnerable Version

<0.128.0-r1

<0.125.0-r1

<0.125.0-r1

<0.122.0-r2

<0.122.0-r2