GO-2024-3102
- Source
- https://pkg.go.dev/vuln/GO-2024-3102
- Import Source
- https://vuln.go.dev/ID/GO-2024-3102.json
- JSON Data
- https://api.osv.dev/v1/vulns/GO-2024-3102
- Aliases
-
- CVE-2024-45043
- GHSA-prf6-xjxh-p698
- Published
- 2024-08-30T17:18:07Z
- Modified
- 2024-08-30T17:42:15.887916Z
- Summary
- OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability in github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver
- Details
-
OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability in github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver
- Database specific
{ "review_status": "UNREVIEWED", "url": "https://pkg.go.dev/vuln/GO-2024-3102" }- References
-
- https://github.com/open-telemetry/opentelemetry-collector-contrib/security/advisories/GHSA-prf6-xjxh-p698
- https://nvd.nist.gov/vuln/detail/CVE-2024-45043
- https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-http
- https://docs.aws.amazon.com/firehose/latest/dev/httpdeliveryrequestresponse.html
- https://github.com/open-telemetry/opentelemetry-collector#alpha
- https://github.com/open-telemetry/opentelemetry-collector-contrib/commit/371bf6afbd7cfa3253fa1674f5444064e86ef0ac
- https://github.com/open-telemetry/opentelemetry-collector-contrib/pull/34847
- https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/receiver/awsfirehosereceiver
- https://github.com/open-telemetry/opentelemetry-collector-releases/pull/74
- https://github.com/open-telemetry/opentelemetry-collector-releases/releases/tag/v0.108.0
- https://github.com/open-telemetry/opentelemetry-collector-releases/tree/main/distributions/otelcol-contrib
Affected packages
Go / github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver
Package
- Name
- github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver