PT-2026-5718 · Opentelemetry · Opentelemetry-Go
Morielharush
·
Publicado
2026-02-02
·
Atualizado
2026-06-15
·
CVE-2026-24051
CVSS v3.1
9.8
Crítica
| Vetor base | Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Nome do Software Vulnerável e Versões Afetadas
OpenTelemetry-Go, versões 1.20.0 a 1.39.0
Descrição
As versões 1.20.0 a 1.39.0 do SDK OpenTelemetry Go são vulneráveis a um problema de sequestro de caminho em sistemas macOS/Darwin. O código de detecção de recursos em
sdk/resource/host id.go executa o comando do sistema ioreg utilizando um caminho de busca. Um atacante que possa modificar localmente a variável de ambiente PATH pode potencialmente alcançar Execução Arbitrária de Código (EAC) no contexto do aplicativo.Recomendações
Atualize para a versão 1.40.0 ou superior.
Exploit
Correção
Untrusted Search Path
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
AZL-76443
AZL-76449
CLEANSTART-2026-AB04032
CLEANSTART-2026-AD71344
CLEANSTART-2026-AL75891
CLEANSTART-2026-AM88528
CLEANSTART-2026-AP81168
CLEANSTART-2026-AQ65185
CLEANSTART-2026-AS59691
CLEANSTART-2026-AT91215
CLEANSTART-2026-BA09462
CLEANSTART-2026-BB83999
CLEANSTART-2026-BD18029
CLEANSTART-2026-BH97849
CLEANSTART-2026-BK28579
CLEANSTART-2026-BM53321
CLEANSTART-2026-BT99405
CLEANSTART-2026-BU39038
CLEANSTART-2026-BU65096
CLEANSTART-2026-BY59711
CLEANSTART-2026-BY85815
CLEANSTART-2026-CC08450
CLEANSTART-2026-CD13174
CLEANSTART-2026-CF63743
CLEANSTART-2026-CG86499
CLEANSTART-2026-CN84623
CLEANSTART-2026-CO68219
CLEANSTART-2026-CP95927
CLEANSTART-2026-CU52059
CLEANSTART-2026-CY45415
CLEANSTART-2026-CZ07385
CLEANSTART-2026-DA99134
CLEANSTART-2026-DB61851
CLEANSTART-2026-DM19620
CLEANSTART-2026-DP35743
CLEANSTART-2026-DQ17669
CLEANSTART-2026-DS01292
CLEANSTART-2026-EB74978
CLEANSTART-2026-EE52954
CLEANSTART-2026-EI06494
CLEANSTART-2026-EI44621
CLEANSTART-2026-EL10860
CLEANSTART-2026-EP10142
CLEANSTART-2026-ET12387
CLEANSTART-2026-FB07695
CLEANSTART-2026-FJ01373
CLEANSTART-2026-FQ05951
CLEANSTART-2026-FR97108
CLEANSTART-2026-FU04414
CLEANSTART-2026-FV86809
CLEANSTART-2026-FX27781
CLEANSTART-2026-FZ55932
CLEANSTART-2026-GG06672
CLEANSTART-2026-GG94489
CLEANSTART-2026-GI57625
CLEANSTART-2026-GK29346
CLEANSTART-2026-GM18965
CLEANSTART-2026-GN78570
CLEANSTART-2026-GQ03231
CLEANSTART-2026-GU55430
CLEANSTART-2026-GX87608
CLEANSTART-2026-GY48351
CLEANSTART-2026-HB06257
CLEANSTART-2026-HC15345
CLEANSTART-2026-HE31644
CLEANSTART-2026-HF07497
CLEANSTART-2026-HK01840
CLEANSTART-2026-HK06185
CLEANSTART-2026-HM40094
CLEANSTART-2026-HQ88036
CLEANSTART-2026-HX97842
CLEANSTART-2026-IC68874
CLEANSTART-2026-IP72442
CLEANSTART-2026-IW23933
CLEANSTART-2026-IY77127
CLEANSTART-2026-JF28061
CLEANSTART-2026-JG72006
CLEANSTART-2026-JH93057
CLEANSTART-2026-JK59495
CLEANSTART-2026-JO01099
CLEANSTART-2026-JU62670
CLEANSTART-2026-JV26120
CLEANSTART-2026-JW58725
CLEANSTART-2026-JW59894
CLEANSTART-2026-JY63371
CLEANSTART-2026-KA15295
CLEANSTART-2026-KC83705
CLEANSTART-2026-KK98885
CLEANSTART-2026-KT28044
CLEANSTART-2026-KW24478
CLEANSTART-2026-LB23787
CLEANSTART-2026-LC01167
CLEANSTART-2026-LD14062
CLEANSTART-2026-LD15132
CLEANSTART-2026-LM43244
CLEANSTART-2026-LO63022
CLEANSTART-2026-LP76319
CLEANSTART-2026-LS00044
CLEANSTART-2026-LS30652
CLEANSTART-2026-LT10352
CLEANSTART-2026-LU21824
CLEANSTART-2026-LU81821
CLEANSTART-2026-LY88807
CLEANSTART-2026-MA32024
CLEANSTART-2026-MI12470
CLEANSTART-2026-MI26424
CLEANSTART-2026-MJ36694
CLEANSTART-2026-MK01488
CLEANSTART-2026-MK40719
CLEANSTART-2026-ML41879
CLEANSTART-2026-MO53190
CLEANSTART-2026-MS81166
CLEANSTART-2026-MT27167
CLEANSTART-2026-MW24969
CLEANSTART-2026-MW66533
CLEANSTART-2026-NG28268
CLEANSTART-2026-NG75665
CLEANSTART-2026-NI04192
CLEANSTART-2026-NJ43712
CLEANSTART-2026-NP19113
CLEANSTART-2026-NR54556
CLEANSTART-2026-NT80635
CLEANSTART-2026-NV37937
CLEANSTART-2026-OD47693
CLEANSTART-2026-OF37807
CLEANSTART-2026-OI10284
CLEANSTART-2026-OJ21550
CLEANSTART-2026-OM95908
CLEANSTART-2026-OR40192
CLEANSTART-2026-OS42112
CLEANSTART-2026-OU18540
CLEANSTART-2026-OW78143
CLEANSTART-2026-OX06978
CLEANSTART-2026-PB32291
CLEANSTART-2026-PE63912
CLEANSTART-2026-PJ76318
CLEANSTART-2026-PM81907
CLEANSTART-2026-PN56882
CLEANSTART-2026-PP62083
CLEANSTART-2026-PW47027
CLEANSTART-2026-PW57640
CLEANSTART-2026-PY36202
CLEANSTART-2026-PZ85180
CLEANSTART-2026-QA91937
CLEANSTART-2026-QB67682
CLEANSTART-2026-QI02196
CLEANSTART-2026-QK02462
CLEANSTART-2026-QN98167
CLEANSTART-2026-QO29688
CLEANSTART-2026-QP84300
CLEANSTART-2026-QS87161
CLEANSTART-2026-QV77143
CLEANSTART-2026-QY63788
CLEANSTART-2026-RJ35552
CLEANSTART-2026-RJ58492
CLEANSTART-2026-RS39197
CLEANSTART-2026-RU00721
CLEANSTART-2026-RX06063
CLEANSTART-2026-SF31652
CLEANSTART-2026-SH14815
CLEANSTART-2026-SI08105
CLEANSTART-2026-SO13464
CLEANSTART-2026-SR26977
CLEANSTART-2026-SY28275
CLEANSTART-2026-TE02851
CLEANSTART-2026-TN07413
CLEANSTART-2026-TT42218
CLEANSTART-2026-UB49656
CLEANSTART-2026-UD61879
CLEANSTART-2026-UK15999
CLEANSTART-2026-UW03847
CLEANSTART-2026-UW08576
CLEANSTART-2026-UZ17701
CLEANSTART-2026-VI68146
CLEANSTART-2026-VJ77782
CLEANSTART-2026-VL19675
CLEANSTART-2026-VS17175
CLEANSTART-2026-VT65447
CLEANSTART-2026-VX40916
CLEANSTART-2026-VY87942
CLEANSTART-2026-VZ08395
CLEANSTART-2026-VZ76006
CLEANSTART-2026-WA14162
CLEANSTART-2026-WB12909
CLEANSTART-2026-WL14185
CLEANSTART-2026-WN01990
CLEANSTART-2026-WO87803
CVE-2026-24051
GHSA-9H8M-3FM2-QJRQ
GO-2026-4394
OPENSUSE-SU-2026:10396-1
OPENSUSE-SU-2026:10613-1
OPENSUSE-SU-2026:10684-1
OPENSUSE-SU-2026:10716-1
SUSE-SU-2026:0757-1
Produtos afetados
Opentelemetry-Go
Referências · 889
- 🔥 https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/24xxx/CVE-2026-24051.json⭐ 2460 🔗 557 · Exploit
- https://github.com/open-telemetry/opentelemetry-go⭐ 6401 🔗 1364 · Nota
- https://github.com/open-telemetry/opentelemetry-go/commit/d45961bcda453fcbdb6469c22d6e88a1f9970a53⭐ 6285 🔗 1260 · Correção
- https://github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-9h8m-3fm2-qjrq⭐ 6285 🔗 1260 · Aviso do Fabricante
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FR97108.json⭐ 1 · Nota
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JG72006.json⭐ 1 · Nota
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PP62083.json⭐ 1 · Nota
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FQ05951.json⭐ 1 · Nota
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LS00044.json⭐ 1 · Nota
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-OS42112.json⭐ 1 · Nota
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MK40719.json⭐ 1 · Nota
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-QP84300.json⭐ 1 · Nota
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MI12470.json⭐ 1 · Nota
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BB83999.json⭐ 1 · Nota
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-RJ35552.json⭐ 1 · Nota