Lucene search
+L

9 matches found

OSV
OSV
added 3 days ago4 views

GHSA-P5F6-RCCC-JV98 dd-trace-rb: Improper parsing of W3C baggage headers may lead to DoS

Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References2
OSV
OSV
added 3 days ago4 views

GHSA-74J5-XF3V-CRQ8 dd-trace-go: Improper parsing of W3C baggage headers may lead to DoS

Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 3 days ago12 views

dd-trace-go: Improper parsing of W3C baggage headers may lead to DoS

Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References2Affected Software2
Github Security Blog
Github Security Blog
added 3 days ago10 views

dd-trace-dotnet: Improper parsing of W3C baggage headers may lead to DoS

Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References2Affected Software2
OSV
OSV
added 3 days ago4 views

GHSA-38WR-VPC7-2MP4 dd-trace-dotnet: Improper parsing of W3C baggage headers may lead to DoS

Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 3 days ago12 views

dd-trace-py: Improper parsing of W3C baggage headers may lead to DoS

Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 3 days ago10 views

PT-2026-60361

Name of the Vulnerable Software and Affected Versions dd-trace versions prior to 5.100.0 Description An issue exists in the W3C baggage propagation within packages/dd-trace/src/baggage.js and packages/dd-trace/src/opentracing/propagation/text map.js where incoming baggage HTTP headers are parsed...

7.5CVSS5.5AI score0.00106EPSS
Exploits0References6
GitLab Advisory Database
GitLab Advisory Database
added 3 days ago8 views

dd-trace-go: Improper parsing of W3C baggage headers may lead to DoS

Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DDTRACEBAGGAGEMAXITEMS default 64 and DDTRACEBAGGAGEMAXBYTES default 8192 limits were applied only to baggage injection, n...

7.5CVSS6.1AI score0.00106EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 3 days ago11 views

PT-2026-60360

Name of the Vulnerable Software and Affected Versions dd-trace-py versions prior to 4.8.2 Description Datadog tracing libraries implementing W3C baggage propagation fail to enforce limits on the number of items or total bytes when parsing incoming baggage HTTP headers during the extraction proces...

7.5CVSS5.4AI score0.00106EPSS
Exploits0References7
Rows per page
Query Builder