Lucene search
K

7 matches found

NVD
NVD
added 2026/05/28 5:16 p.m.17 views

CVE-2026-45292

opentelemetry-java is the Java implementation of the OpenTelemetry API for recording telemetry, and SDK for managing telemetry recorded by the API. Prior to 1.62.0, a vulnerability affects the baggage propagation implementation in opentelemetry-api and opentelemetry-extension-trace-propagators...

7.5CVSS0.00686EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/28 4:37 p.m.43 views

CVE-2026-45292 opentelemetry-java: Unbounded Memory Allocation in W3C Baggage Propagation

opentelemetry-java is the Java implementation of the OpenTelemetry API for recording telemetry, and SDK for managing telemetry recorded by the API. Prior to 1.62.0, a vulnerability affects the baggage propagation implementation in opentelemetry-api and opentelemetry-extension-trace-propagators...

5.3CVSS0.00686EPSS
Exploits0References4
CVE
CVE
added 2026/05/28 4:37 p.m.93 views

CVE-2026-45292

The CVE-2026-45292 issue affects OpenTelemetry Java components: baggage propagation in opentelemetry-api and opentelemetry-extension-trace-propagators prior to 1.62.0. The vulnerability arises from parsing oversized baggage, causing unbounded memory allocation and high CPU usage, with baggage re-...

7.5CVSS5.8AI score0.00686EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/05/28 4:37 p.m.14 views

CVE-2026-45292 opentelemetry-java: Unbounded Memory Allocation in W3C Baggage Propagation

opentelemetry-java is the Java implementation of the OpenTelemetry API for recording telemetry, and SDK for managing telemetry recorded by the API. Prior to 1.62.0, a vulnerability affects the baggage propagation implementation in opentelemetry-api and opentelemetry-extension-trace-propagators...

5.3CVSS5.8AI score0.00686EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/28 4:37 p.m.11 views

EUVD-2026-32953

opentelemetry-java is the Java implementation of the OpenTelemetry API for recording telemetry, and SDK for managing telemetry recorded by the API. Prior to 1.62.0, a vulnerability affects the baggage propagation implementation in opentelemetry-api and opentelemetry-extension-trace-propagators...

5.3CVSS5.8AI score0.00686EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/14 4:36 p.m.30 views

OpenTelemetry Java SDK has Unbounded Memory Allocation in W3C Baggage Propagation

Overview A vulnerability affects the baggage propagation implementation in opentelemetry-api and opentelemetry-extension-trace-propagators. Parsing oversized baggage causes unbounded memory allocation and CPU consumption. Because baggage is automatically re-injected into every outgoing request, t...

7.5CVSS5.9AI score0.00686EPSS
Exploits0References6Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/23 9:43 p.m.93 views

OpenTelemetry dotnet: Excessive memory allocation when parsing OpenTelemetry propagation headers

Summary The implementation details of the baggage, B3 and Jaeger processing code in the OpenTelemetry.Api and OpenTelemetry.Extensions.Propagators NuGet packages can allocate excessive memory when parsing which could create a potential denial of service DoS in the consuming application. Details...

5.3CVSS5.8AI score0.00458EPSS
Exploits0References10Affected Software2
Rows per page
Query Builder