Memory Allocation with Excessive Size Value

Overview OpenTelemetry.Api is a package that application developers and library authors use to instrument their application/library. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the processing of propagation headers such as baggage, B3, and...

CVE-2025-27513

OpenTelemetry.Api (OpenTelemetry .NET) version 1.10.0–1.11.1 is vulnerable to a DoS via tracestate/traceparent headers, causing high CPU and degraded performance. The issue is fixed in 1.11.2; upgrading is recommended. If not upgrading, exposed web/backend services processing such HTTP headers ma...

MAL-2024-11761 Malicious code in @opentelemetrya/api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 77badbd499b685fa4658fe6151a9114e22077b0c7e1abb08079acc02c5b044ea The OpenSSF Package Analysis project identified '@opentelemetrya/api' @ 9.9.9 npm as malicious. It is considered malicious because: - The packag...

openSUSE Security Advisory (SUSE-SU-2024:1639-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

actix-web-opentelemetry (>=0.13.0 <=0.15.0), apikit (>=0.1.0 <=0.2.0) +111 more potentially affected by unknown CVE via opentelemetry_api (>=0.18.0 <=0.20.0)

opentelemetryapi CARGO version =0.18.0, =0.13.0, =0.1.0, =0.0.1, =0.8.1, =4.0.15, =0.1.0, =0.1.0, =0.1.1, =0.4.0-rc.1, =0.5.0, =0.1.0, =6.6.4, =0.0.1, =0.0.1-alpha.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0387...

SUSE-SU-2024:1639-1 Security update for python-arcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty, python-javaproperties, python-jsondiff, python-knack, python-marshmallow, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-opentelemetry-sdk, python-opentelemetry-semantic-conventions, python-opentelemetry-test-utils, python-pycomposefile, python-pydash, python-redis, python-retrying, python-semver, python-sshtunnel, python-strictyaml, python-sure, python-vcrpy, python-xmltodict

This update for python-argcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty, python-javaproperties, python-jsondiff, python-knack,...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets (SUSE-SU-2023:2783-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2783-1 advisory. - aaugustin websockets version 4 contains a CWE-409: Improper Handling of Highly Compressed Data...