Lucene search
+L

2450 matches found

CVE
CVE
added yesterday13 views

CVE-2026-48504

OpenTelemetry Rust (CVE-2026-48504) concerns BaggagePropagator::extract_with_context in opentelemetry_sdk. In 0.32.0 and earlier, it did not enforce W3C Baggage size limits before parsing an inbound baggage header, allowing an attacker-controlled header to trigger unnecessary CPU work and short-l...

5.3CVSS5.2AI score0.00096EPSS
Exploits0References2
OSV
OSV
added 3 days ago4 views

GHSA-P5F6-RCCC-JV98 dd-trace-rb: Improper parsing of W3C baggage headers may lead to DoS

Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 3 days ago12 views

dd-trace-go: Improper parsing of W3C baggage headers may lead to DoS

Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References2Affected Software2
OSV
OSV
added 3 days ago4 views

GHSA-74J5-XF3V-CRQ8 dd-trace-go: Improper parsing of W3C baggage headers may lead to DoS

Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References2
OSV
OSV
added 3 days ago4 views

GHSA-38WR-VPC7-2MP4 dd-trace-dotnet: Improper parsing of W3C baggage headers may lead to DoS

Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 3 days ago10 views

dd-trace-dotnet: Improper parsing of W3C baggage headers may lead to DoS

Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References2Affected Software2
Github Security Blog
Github Security Blog
added 3 days ago12 views

dd-trace-py: Improper parsing of W3C baggage headers may lead to DoS

Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 3 days ago10 views

PT-2026-60361

Name of the Vulnerable Software and Affected Versions dd-trace versions prior to 5.100.0 Description An issue exists in the W3C baggage propagation within packages/dd-trace/src/baggage.js and packages/dd-trace/src/opentracing/propagation/text map.js where incoming baggage HTTP headers are parsed...

7.5CVSS5.5AI score0.00106EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 3 days ago10 views

PT-2026-60363

Name of the Vulnerable Software and Affected Versions dd-trace-go versions prior to 2.8.1 Description Datadog tracing libraries implementing W3C baggage propagation fail to enforce limits on the number of items or total bytes when parsing incoming baggage HTTP headers during the extraction proces...

7.5CVSS5.4AI score0.00106EPSS
Exploits0References7
GitLab Advisory Database
GitLab Advisory Database
added 3 days ago7 views

dd-trace-go: Improper parsing of W3C baggage headers may lead to DoS

Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage injection, n...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 3 days ago8 views

dd-trace-go: Improper parsing of W3C baggage headers may lead to DoS

Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage injection, n...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 3 days ago14 views

PT-2026-60362

Name of the Vulnerable Software and Affected Versions Datadog .NET Tracer versions prior to 3.43.0 Description Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing limits on the number of items or the total byte size during...

7.5CVSS5.6AI score0.00106EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 3 days ago11 views

PT-2026-60360

Name of the Vulnerable Software and Affected Versions dd-trace-py versions prior to 4.8.2 Description Datadog tracing libraries implementing W3C baggage propagation fail to enforce limits on the number of items or total bytes when parsing incoming baggage HTTP headers during the extraction proces...

7.5CVSS5.4AI score0.00106EPSS
Exploits0References7
OSV
OSV
added 4 days ago4 views

CVE-2026-15075

In Eclipse Vert.x versions up to and including 4.5.29 4.x branch and 5.1.4 5.x branch, DefaultRedirectHandler vertx-core propagates all request headers as-is across cross-origin HTTP 30x redirects. Only Content-Length is stripped; no origin comparison scheme, host, port is performed before copyin...

8.2CVSS6.2AI score0.00141EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/07/10 5:11 p.m.7 views

CVE-2026-53363

A flaw was found in the Linux kernel's iptfs component, part of the IPSec framework. The iptfsconsumefrags function does not correctly propagate a flag indicating shared fragments. This can cause the Encapsulating Security Payload ESP to make incorrect security decisions regarding in-place...

9.8CVSS6.1AI score0.00111EPSS
Exploits0References4
OSV
OSV
added 2026/07/09 12:49 p.m.3 views

OESA-2026-2895 containerd security update

containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

9.4CVSS6.2AI score0.00317EPSS
Exploits0References3
OSV
OSV
added 2026/07/09 12:49 p.m.4 views

OESA-2026-2894 containerd security update

containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

9.4CVSS6.2AI score0.00317EPSS
Exploits0References3
CVE
CVE
added 2026/07/06 7:33 p.m.16 views

CVE-2026-44362

OP-TEE (trusted execution environment for Arm TrustZone) has a vulnerability in subkey rollback protection affecting versions 3.20.0 through 4.10.x; during TA loading, shdr_load_pub_key() fails to propagate subkey_version into the runtime structure, so key->version stays zero. When check_updat...

5.5CVSS6AI score0.00122EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/06 7:33 p.m.36 views

CVE-2026-44362 OP-TEE's subkey rollback protection can be bypassed with older subkey versions

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.20.0 and prior to version 4.11.0, a vulnerability in OP-TEE’s subkey rollback protection allows the use of revoked ...

5.5CVSS0.00122EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/07/06 3:19 p.m.7 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.5 security update

Important: Red Hat OpenShift GitOps v1.20.5 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-9568 GitOps operator propagates argo CD tracking annotations to dynamic roleBindings GITOPS-9971 Image Updater Self-hosted Quay images redirect t...

9.6CVSS6AI score0.00813EPSS
Exploits0References4
Rows per page
Query Builder