FLAT-Y0K69 (CVE-2026-42602)
Authentication mechanism absence or evasion In github.com/open-telemetry/opentelemetry-collector-contrib/extension/azureauthextension
6.3
Medium
Ecosystem: Go
Package: github.com/open-telemetry/opentelemetry-collector-contrib/extension/azureauthextension
FLAT-GS0U9 (CVE-2024-45043)
Improper authorization control for web services In github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver
2.7
Low
Ecosystem: Go
Package: github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver
FLAT-MLAOR (CVE-2024-42368)
Lack of data validation - Path Traversal In github.com/open-telemetry/opentelemetry-collector-contrib/extension/bearertokenauthextension
2.7
Low
Ecosystem: Go
Package: github.com/open-telemetry/opentelemetry-collector-contrib/extension/bearertokenauthextension