11 matches found
pepl-codegen (>=0.1.1 <=0.1.2), pepl-compiler (>=0.1.1 <=0.1.2) +2 more potentially affected by CVE-2025-66627 via wasmi (>=0.42.1 <=0.46.0)
wasmi CARGO version =0.42.1, =0.1.1, =0.1.1, =0.42.0, =0.42.0, =0.46.0 Source cves: CVE-2025-66627 Source advisory: OSV:GHSA-G4V2-CJQP-RFMQ...
EUVD-2023-2927
Malicious code in bioql PyPI...
RHCOS 4 : OpenShift Container Platform 4.12.48 (RHSA-2024:0489)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0489 advisory. - opentelemetry-go-contrib: DoS vulnerability in otelgrpc due to unbound cardinality metrics CVE-2023-47108 Note that Nessus has not tested f...
SUSE CVE-2023-47108
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...
AZL-34891 CVE-2023-47108 affecting package kube-vip-cloud-provider for versions less than 0.0.10-1
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...
AZL-35434 CVE-2023-47108 affecting package docker-buildx for versions less than 0.14.0-1
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...
AZL-42745 CVE-2023-47108 affecting package ig for versions less than 0.30.0-1
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...
UBUNTU-CVE-2023-47108
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...
Code injection
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the server's potential memory exhaustio...
CVE-2023-47108
The CVE-2023-47108 issue affects OpenTelemetry-Go Contrib's grpc Unary Server Interceptor in versions >=0.37.0 and
OpenTelemetry-Go Contrib Security Vulnerability
OpenTelemetry-Go Contrib is a collection of OpenTelemetry Go extensions open-sourced by OpenTelemetry. A security vulnerability exists in versions prior to OpenTelemetry-Go Contrib 0.46.0 that stems from a potential server memory exhaustion when sending a large number of malicious requests...