Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
OpenTelemetry-Go: Multiple Security Risks in FIPS Module
CLEANSTART-2026-PP62083
Summary
OpenTelemetry-Go, a Go implementation of OpenTelemetry, contains security vulnerabilities in its FIPS module. If not addressed, these vulnerabilities could allow an attacker to execute arbitrary code or elevate privileges. Update OpenTelemetry-Go to the latest version to mitigate these risks.
What to do
- Update fluent-operator-fips to version 3.5.0-r0.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | fluent-operator-fips | <= 3.5.0-r0 | 3.5.0-r0 |
Original title
OpenTelemetry-Go is the Go implementation of OpenTelemetry
Original description
Multiple security vulnerabilities affect the fluent-operator-fips package. OpenTelemetry-Go is the Go implementation of OpenTelemetry. See references for individual vulnerability details.
osv CVSS3.1
9.8
Published: 7 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026