CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

122 matches found

Tenable Nessus•added 2024/01/18 12:0 a.m.•47 views

RHEL 8 / 9 : OpenShift Container Platform 4.14.9 (RHSA-2024:0207)

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0207 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

7.5CVSS7.1AI score0.01579EPSS

Exploits0References7

F5 Networks•added 2024/01/16 8:8 p.m.•41 views

K000138255: Go OpenTelemetry Contrib vulnerability CVE-2023-47108

Security Advisory Description OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...

7.5CVSS6.3AI score0.01579EPSS

Exploits0

GitLab Advisory Database•added 2023/11/12 12:0 a.m.•64 views

otelgrpc DoS vulnerability due to unbound cardinality metrics

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the server's potential memory exhaustio...

7.5CVSS7AI score0.01579EPSS

Exploits0References8Affected Software1

NVD•added 2023/11/10 7:15 p.m.•33 views

CVE-2023-47108

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...

7.5CVSS0.01579EPSS

Exploits0References7

UbuntuCve•added 2023/11/10 7:15 p.m.•32 views

CVE-2023-47108

7.5CVSS6.8AI score0.01579EPSS

Exploits0References1

Prion•added 2023/11/10 7:15 p.m.•38 views

Code injection

5CVSS7AI score0.01579EPSS

Exploits0References6Affected Software1

CVE•added 2023/11/10 6:31 p.m.•962 views

CVE-2023-47108

The CVE-2023-47108 issue affects OpenTelemetry-Go Contrib's grpc Unary Server Interceptor in versions >=0.37.0 and

7.5CVSS6AI score0.01579EPSS

Exploits0References7Affected Software1

Vulnrichment•added 2023/11/10 6:31 p.m.•15 views

CVE-2023-47108 DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics

7.5CVSS6AI score0.01579EPSS

Exploits0References7

Cvelist•added 2023/11/10 6:31 p.m.•42 views

CVE-2023-47108 DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics

7.5CVSS7.6AI score0.01579EPSS

Exploits0References7

OSV•added 2023/11/10 6:31 p.m.•33 views

CVE-2023-47108 DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics

7.5CVSS6.3AI score0.01579EPSS

Exploits0References9

Positive Technologies•added 2023/11/10 12:0 a.m.•6 views

PT-2023-9340 · Unknown +2 · Opentelemetry-Go Contrib +2

Name of the Vulnerable Software and Affected Versions: OpenTelemetry-Go Contrib versions prior to 0.46.0 Description: The issue is related to the grpc Unary Server Interceptor adding labels net.peer.sock.addr and net.peer.sock.port with unbound cardinality, leading to potential memory exhaustion...

9.9CVSS7.2AI score0.94072EPSS

Exploits6References158

CNNVD•added 2023/11/10 12:0 a.m.•5 views

OpenTelemetry-Go Contrib Security Vulnerability

OpenTelemetry-Go Contrib is a collection of OpenTelemetry Go extensions open-sourced by OpenTelemetry. A security vulnerability exists in versions prior to OpenTelemetry-Go Contrib 0.46.0 that stems from a potential server memory exhaustion when sending a large number of malicious requests...

7.5CVSS6.8AI score0.01579EPSS

Exploits0References13

GitLab Advisory Database•added 2023/10/16 12:0 a.m.•34 views