Lucene search
K

9 matches found

Cvelist
Cvelist
added 2026/05/06 9:0 p.m.47 views

CVE-2026-41484 OpenTelemetry.Exporter.OneCollector vulnerable to denial of service via unbounded HTTP error response body

OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-end over HTTP. In versions 1.15.0 and earlier, when a request to the configured back-end or collector results in an unsuccessful HTTP 4xx or 5xx response, the HttpJsonPostTransport class reads the...

5.3CVSS0.00338EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/06 8:58 p.m.9 views

CVE-2026-41483 Unbounded HTTP response body read in OpenTelemetry.Resources.Azure

OpenTelemetry.Resources.Azure is the .NET resource detector for Azure environments. In versions 1.15.0-beta.1 and earlier, the AzureVmMetaDataRequestor class makes HTTP requests to the Azure VM instance metadata service and reads the response body into memory without any size limit. An attacker w...

5.9CVSS5.8AI score0.00323EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/02/20 9:52 p.m.9 views

OpenClaw: ACP prompt-size checks missing in local stdio bridge could reduce responsiveness with very large inputs

Vulnerability The ACP bridge accepted very large prompt text blocks and could assemble oversized prompt payloads before forwarding them to chat.send. Because ACP runs over local stdio, this mainly affects local ACP clients for example IDE integrations that send unusually large inputs. Affected...

4.8CVSS5.6AI score0.00165EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/02/20 9:52 p.m.6 views

GHSA-CXPW-2G23-2VGW OpenClaw: ACP prompt-size checks missing in local stdio bridge could reduce responsiveness with very large inputs

Vulnerability The ACP bridge accepted very large prompt text blocks and could assemble oversized prompt payloads before forwarding them to chat.send. Because ACP runs over local stdio, this mainly affects local ACP clients for example IDE integrations that send unusually large inputs. Affected...

4.8CVSS5.5AI score0.00165EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/08/29 12:0 a.m.5 views

PT-2025-35332

Name of the Vulnerable Software and Affected Versions Rancher Manager versions 2.9.12, 2.10.9, 2.11.5, and 2.12.1 Description A high-severity Denial of Service DoS flaw exists in Rancher Manager, allowing attackers to crash servers by sending oversized API requests to certain public unauthenticat...

9.9CVSS6.5AI score0.10543EPSS
Exploits21References58
Amazon
Amazon
added 2025/04/29 12:0 a.m.3 views

Medium: containerd

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.8AI score0.01544EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2022/10/30 12:0 a.m.3 views

PT-2022-24876 · Unknown · Conduit-Hyper

Name of the Vulnerable Software and Affected Versions: conduit-hyper versions prior to 0.4.2 Description: The issue arises from conduit-hyper not checking any limit on a request's length before calling hyper::body::to bytes. An attacker could send a malicious request with an abnormally large...

7.5CVSS7.4AI score0.00689EPSS
Exploits0References10
OSV
OSV
added 2022/10/14 3:15 p.m.6 views

AZL-41393 CVE-2022-2879 affecting package moby-engine for versions less than 25.0.3-3

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.7AI score0.01544EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/04 12:0 a.m.7 views

PT-2022-19238 · Ireader +9 · Reader +9

Name of the Vulnerable Software and Affected Versions: Reader affected versions not specified Description: The issue is related to the Reader.Read function not setting a limit on the maximum size of file headers. A maliciously crafted archive could cause Reader.Read to allocate unbounded amounts ...

9.8CVSS7.1AI score0.9378EPSS
Exploits16References324
Rows per page
Query Builder