CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

NVD•added 2026/05/12 8:16 p.m.•9 views

CVE-2026-42191

OpenTelemetry.Exporter.OpenTelemetryProtocol is the OTLP OpenTelemetry Protocol exporter implementation. From 1.8.0 to 1.15.2, the OTLP disk retry feature in OpenTelemetry.Exporter.OpenTelemetryProtocol silently fell back to Path.GetTempPath when OTELDOTNETEXPERIMENTALOTLPRETRY=disk was set but...

7.8CVSS0.00014EPSS

Exploits0References2

Vulnrichment•added 2026/05/12 7:12 p.m.•4 views

CVE-2026-42191 OpenTelemetry.Exporter.OpenTelemetryProtocol: Disk retry default temp path enables local blob injection for OTLP Exporter

6.5CVSS5.8AI score0.00014EPSS

Exploits0References2

Cvelist•added 2026/05/12 7:12 p.m.•27 views

CVE-2026-42191 OpenTelemetry.Exporter.OpenTelemetryProtocol: Disk retry default temp path enables local blob injection for OTLP Exporter

6.5CVSS0.00014EPSS

Exploits0References2

ATTACKERKB•added 2026/05/12 7:12 p.m.•5 views

CVE-2026-42191

6.5CVSS5.8AI score0.00014EPSS

Exploits0References3Affected Software1

CVE•added 2026/05/12 7:12 p.m.•5 views

CVE-2026-42191

OpenTelemetry.Exporter.OpenTelemetryProtocol (OTLP exporter) Vulnerability: from 1.8.0 through 1.15.2, when OTEL_DOTNET_EXPERIMENTAL_OTLP_RETRY=disk is used without OTEL_DOTNET_EXPERIMENTAL_OTLP_DISK_RETRY_DIRECTORY_PATH, the retry storage root is resolved with Path.GetTempPath(). The exporter st...

7.8CVSS5.8AI score0.00014EPSS

Exploits0References2Affected Software1

CNNVD•added 2026/05/12 12:0 a.m.•3 views

OpenTelemetry .NET Contrib 安全漏洞

OpenTelemetry .NET Contrib is an open-source telemetry data collection and processing library developed by OpenTelemetry - CNCF. Versions 1.8.0 to 1.15.2 of OpenTelemetry .NET Contrib contain security vulnerabilities. These vulnerabilities stem from the OTLP disk retry feature being reverted to a...

7.8CVSS5.8AI score0.00014EPSS

Exploits0References1

Snyk•added 2026/04/30 6:34 p.m.•5 views

Creation of Temporary File in Directory with Insecure Permissions

Overview OpenTelemetry.Exporter.OpenTelemetryProtocol is an OTLP Exporter for OpenTelemetry .NET. Affected versions of this package are vulnerable to Creation of Temporary File in Directory with Insecure Permissions in the ExperimentalOptions used in handling disk retry storage for telemetry data...

7.8CVSS5.8AI score0.00014EPSS

Exploits0References2

Github Security Blog•added 2026/04/30 6:34 p.m.•34 views

OpenTelemetry's disk retry default temp path enables local blob injection via OTLP Exporter

Summary The OTLP disk retry feature in OpenTelemetry.Exporter.OpenTelemetryProtocol silently fell back to Path.GetTempPath when OTELDOTNETEXPERIMENTALOTLPRETRY=disk was set but OTELDOTNETEXPERIMENTALOTLPDISKRETRYDIRECTORYPATH was not configured. The exporter stored and loaded .blob files under...

7.8CVSS5.4AI score0.00014EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2026/04/30 12:0 a.m.•6 views

PT-2026-36819

Name of the Vulnerable Software and Affected Versions OpenTelemetry.Exporter.OpenTelemetryProtocol versions 1.8.0 through 1.15.2 Description The OTLP disk retry feature silently falls back to Path.GetTempPath when OTEL DOTNET EXPERIMENTAL OTLP RETRY is set to disk but OTEL DOTNET EXPERIMENTAL OTL...

7.8CVSS5.8AI score0.00014EPSS

Exploits0References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by