Lucene search
K

4 matches found

CVE
CVE
added 2026/05/28 4:37 p.m.93 views

CVE-2026-45292

The CVE-2026-45292 issue affects OpenTelemetry Java components: baggage propagation in opentelemetry-api and opentelemetry-extension-trace-propagators prior to 1.62.0. The vulnerability arises from parsing oversized baggage, causing unbounded memory allocation and high CPU usage, with baggage re-...

7.5CVSS5.8AI score0.00686EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/05/28 4:37 p.m.13 views

CVE-2026-45292 opentelemetry-java: Unbounded Memory Allocation in W3C Baggage Propagation

opentelemetry-java is the Java implementation of the OpenTelemetry API for recording telemetry, and SDK for managing telemetry recorded by the API. Prior to 1.62.0, a vulnerability affects the baggage propagation implementation in opentelemetry-api and opentelemetry-extension-trace-propagators...

5.3CVSS5.8AI score0.00686EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/05/14 4:36 p.m.5 views

be.vlaanderen.informatievlaanderen.ldes.ldio:ldio-application (=2.12.0), be.vlaanderen.informatievlaanderen.vsds:ldes-server-admin (>=2.10.0 <=3.4.0) +556 more potentially affected by CVE-2026-45292 via io.opentelemetry:opentelemetry-extension-trace-propagators (>=0.7.0 <=1.61.0)

io.opentelemetry:opentelemetry-extension-trace-propagators MAVEN version =0.7.0, =2.10.0, =3.6.0, =1.1.0, =2.10.0, =2.10.0, =2.10.0, =3.0.0, =3.3.0, =3.3.0, =3.3.0, =3.3.0, =3.4.0 - br.com.sawcunhaos:scos-foundation-security =1.1.0 - ch.admin.bit.jeap:jeap-archrepo-dbsc...

7.5CVSS5.7AI score0.00686EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/14 4:36 p.m.8 views

ai.agentican:agentican-quarkus-otel (>=0.1.0-alpha.1 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-otel-store-jpa (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +10807 more potentially affected by CVE-2026-45292 via io.opentelemetry:opentelemetry-api (>=0.2.0 <=1.61.0)

io.opentelemetry:opentelemetry-api MAVEN version =0.2.0, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.21.0-alpha.2, =0.1.1, =0.1.1, =0.1.1, =0.0.1, =3.10.0.5, =1.0.0, =1.0.0, =0.3.0, =1.0.0, =1.0.0-beta, =1.0.0-beta-preview7 and more Source cves: CVE-2026-45292 Source...

7.5CVSS5.7AI score0.00686EPSS
Exploits0
Rows per page
Query Builder