3 matches found
CVE-2026-45678 OpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloads
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond th...
OpenTelemetry eBPF Instrumentation 安全漏洞
OpenTelemetry eBPF Instrumentation is an open-source eBPF-based lightweight telemetry data collection tool developed by OpenTelemetry. Versions of OpenTelemetry eBPF Instrumentation prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the Postgres protocol parser’...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions through the BIND message parsing process. An attacker can cause the application to crash by sending a malformed or empty Postgres BIND payload that lacks a valid NUL-terminated portal...