Homepage

opentelemetry-collector

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the opentelemetry-collector package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
Improper Restriction of Rendered UI Layers or Frames

<0.152.1-r4
  • L
GHSA-w9p8-pvxh-rxpj

<0.152.1-r4
  • L
GHSA-wrh2-89vg-4j9g

<0.152.1-r4
  • L
Resource Exhaustion

<0.152.1-r4
  • L
Improper Restriction of Rendered UI Layers or Frames

<0.152.1-r4
  • L
GHSA-m9x8-m34x-fj9q

<0.152.1-r4
  • L
Improper Restriction of Rendered UI Layers or Frames

<0.152.1-r4
  • L
GHSA-cg87-vwwh-xvgj

<0.152.1-r4
  • L
Cross-site Scripting (XSS)

<0.152.1-r4
  • L
GHSA-5cv4-jp36-h3mw

<0.152.1-r4
  • L
Improper Enforcement of Message Integrity During Transmission in a Communication Channel

<0.152.1-r2
  • L
Improper Certificate Validation

<0.152.1-r2
  • L
Integer Overflow or Wraparound

<0.152.1-r2
  • L
CVE-2026-46595

<0.152.1-r2
  • L
Deserialization of Untrusted Data

<0.152.1-r2
  • L
Incorrect Type Conversion or Cast

<0.152.1-r2
  • L
CVE-2026-46598

<0.152.1-r2
  • L
Missing Authorization

<0.152.1-r2
  • L
Out-of-Bounds

<0.152.1-r2
  • L
Improper Verification of Cryptographic Signature

<0.152.1-r2
  • L
Improper Certificate Validation

<0.152.1-r2
  • L
Missing Authorization

<0.152.1-r2
  • L
GHSA-fw8g-cg8f-9j28

<0.152.1-r0
  • L
Integer Overflow or Wraparound

<0.152.1-r0
  • M
Cross-site Scripting (XSS)

<0.152.1-r0
  • L
GHSA-wf45-q9ch-q8gh

<0.152.1-r0
  • L
GHSA-8g2r-hhvj-mv99

<0.150.0-r2
  • L
GHSA-5m4p-2gjx-p2g8

<0.150.0-r2
  • L
GHSA-qc64-m6c2-v4x7

<0.150.0-r2
  • H
NULL Pointer Dereference

<0.150.0-r2
  • L
GHSA-qf3q-3h68-mmh2

<0.150.0-r2
  • M
Out-of-bounds Write

<0.150.0-r2
  • L
CVE-2026-42501

<0.150.0-r2
  • M
Link Following

<0.150.0-r2
  • H
Untrusted Search Path

<0.150.0-r0
  • H
Off-by-one Error

<0.150.0-r0
  • L
GHSA-w8rr-5gcm-pp58

<0.150.0-r0
  • L
GHSA-x744-4wpc-v9h2

<0.150.0-r0
  • L
GHSA-pxq6-2prw-chj9

<0.150.0-r0
  • L
Uncontrolled Memory Allocation

<0.150.0-r0
  • H
Authentication Bypass

<0.150.0-r0
  • L
GHSA-hfvc-g4fc-pqhx

<0.150.0-r0
  • L
GHSA-gjvh-7jh8-7xhm

<0.149.0-r1
  • L
GHSA-5w89-2c2x-6x66

<0.149.0-r1
  • H
Improper Certificate Validation

<0.149.0-r1
  • H
Incorrect Authorization

<0.149.0-r1
  • L
CVE-2026-32280

<0.149.0-r1
  • L
GHSA-m4pr-4j3g-9v7v

<0.149.0-r1
  • L
Improper Validation of Array Index

<0.148.0-r1
  • L
GHSA-p77j-4mvh-x3m3

<0.148.0-r1
  • L
GHSA-6g7g-w4f8-9c9x

<0.148.0-r1
  • L
Improper Authorization

<0.148.0-r1
  • L
Directory Traversal

<0.147.0-r5
  • L
Direct Request ('Forced Browsing')

<0.147.0-r5
  • L
GHSA-j3gx-2473-5fp8

<0.147.0-r5
  • L
GHSA-rv83-g57w-fr8j

<0.147.0-r5
  • L
GHSA-j5pm-7495-qmr3

<0.131.0-r2
  • L
GHSA-87m9-rv8p-rgmg

<0.139.0-r0
  • L
CVE-2025-58181

<0.140.0-r1
  • L
CVE-2025-22869

<0.121.0-r1
  • L
CVE-2025-22868

<0.121.0-r1
  • L
CVE-2024-34155

<0.109.0-r0
  • L
CVE-2025-22872

<0.124.0-r1
  • L
GHSA-8xfx-rj4p-23jm

<0.109.0-r0
  • L
GHSA-f6x5-jh6r-wrfv

<0.140.0-r1
  • L
GHSA-vvgc-356p-c3xw

<0.124.0-r1
  • M
Missing Initialization of Resource

<0.131.0-r1
  • L
GHSA-m5vv-6r4h-3vj9

<0.139.0-r0
  • L
GHSA-qxp5-gwg8-xv66

<0.121.0-r2
  • L
GHSA-v778-237x-gjrc

<0.115.0-r1
  • L
CVE-2026-27141

<0.147.0-r0
  • L
CVE-2025-22870

<0.121.0-r2
  • L
GHSA-8fj7-8h3w-xwfm

<0.147.0-r0
  • L
GHSA-fv92-fjc5-jj9h

<0.129.0-r0
  • L
CVE-2024-45337

<0.115.0-r1
  • M
Race Condition

<0.139.0-r0
  • L
Allocation of Resources Without Limits or Throttling

<0.142.0-r1
  • L
GHSA-cfpf-hrx2-8rv6

<0.142.0-r1
  • L
CVE-2025-47914

<0.140.0-r1
  • L
GHSA-3whm-j4xm-rv8x

<0.119.0-r0
  • L
CVE-2024-34156

<0.109.0-r0
  • L
CVE-2025-22871

<0.123.0-r1
  • L
CVE-2025-22866

<0.119.0-r0
  • L
GHSA-g9pc-8g42-g6vq

<0.123.0-r1
  • L
GHSA-crqm-pwhx-j97f

<0.109.0-r0
  • L
GHSA-j5w8-q4qc-rx2x

<0.140.0-r1
  • L
GHSA-x4rx-4gw3-53p4

<0.131.0-r1
  • L
Race Condition

<0.131.0-r2
  • L
Asymmetric Resource Consumption (Amplification)

<0.122.1-r1
  • L
GHSA-w32m-9786-jp63

<0.116.0-r1
  • L
Improper Certificate Validation

<0.141.0-r1
  • L
GHSA-mh63-6h87-95cp

<0.122.1-r1
  • L
CVE-2024-45338

<0.116.0-r1
  • L
GHSA-hcg3-q754-cr77

<0.121.0-r1
  • L
CVE-2024-34158

<0.109.0-r0
  • L
GHSA-5mh9-3jwc-rp59

<0.141.0-r1
  • L
GHSA-j7vj-rw65-4v26

<0.109.0-r0
  • L
GHSA-93mq-9ffx-83m2

<0.122.1-r0
  • L
Allocation of Resources Without Limits or Throttling

<0.122.1-r0
  • L
GHSA-7c64-f9jr-v9h2

<0.141.0-r1
  • L
GHSA-6v2p-p543-phr9

<0.121.0-r1
  • L
Improper Certificate Validation

<0.141.0-r1
  • L
CVE-2024-41110

<0.139.0-r0
  • L
GHSA-v23v-6jw2-98fq

<0.139.0-r0
  • M
Information Exposure Through Log Files

<0.105.0-r0
  • L
CVE-2024-24791

<0.104.0-r1
  • H
Out-of-Bounds

<0.102.1-r0