GHSA-G94R-2VXG-569J OpenTelemetry dotnet: Excessive memory allocation when parsing OpenTelemetry propagation headers

Summary The implementation details of the baggage, B3 and Jaeger processing code in the OpenTelemetry.Api and OpenTelemetry.Extensions.Propagators NuGet packages can allocate excessive memory when parsing which could create a potential denial of service DoS in the consuming application. Details...

Memory Allocation with Excessive Size Value

Overview OpenTelemetry.Extensions.Propagators is a package containing propagator formats for OpenTelemetry .NET. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the processing of propagation headers such as baggage, B3, and Jaeger. An attacker ca...

opentelemetry-jaeger crate is unmaintained

The opentelemetry-jaeger crate is deprecated and no longer actively maintained. The Jaeger propagator implementation has been migrated to opentelemetry-jaeger-propagator. More information and examples of using OTLP with Jaeger can be found in Introducing native support for OpenTelemetry in Jaeger...

RUSTSEC-2025-0123 opentelemetry-jaeger crate is unmaintained

The opentelemetry-jaeger crate is deprecated and no longer actively maintained. The Jaeger propagator implementation has been migrated to opentelemetry-jaeger-propagator. More information and examples of using OTLP with Jaeger can be found in Introducing native support for OpenTelemetry in Jaeger...

EUVD-2024-44921

Malicious code in bioql PyPI...

CVE-2024-50495

Unrestricted Upload of File with Dangerous Type vulnerability in WidgiLabs Plugin Propagator allows Upload a Web Shell to a Web Server.This issue affects Plugin Propagator: from n/a through 0.1...

CVE-2024-50495 WordPress Plugin Propagator plugin <= 0.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in nunomorgadinho Plugin Propagator wp-propagator allows Upload a Web Shell to a Web Server.This issue affects Plugin Propagator: from n/a through = 0.1...

CVE-2024-50495

CVE-2024-50495 concerns WidgiLabs Plugin Propagator (Plugin Propagator) ≤ 0.1 with an Unrestricted Upload of File with Dangerous Type vulnerability. The advisory states that an attacker can upload a web shell to the web server, enabling complete server compromise. Public sources confirm the same ...

CVE-2024-50495 WordPress Plugin Propagator plugin <= 0.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in nunomorgadinho Plugin Propagator wp-propagator allows Upload a Web Shell to a Web Server.This issue affects Plugin Propagator: from n/a through = 0.1...

WordPress plugin Plugin Propagator 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-34273 · Widgilabs · Widgilabs Plugin Propagator

Name of the Vulnerable Software and Affected Versions: WidgiLabs Plugin Propagator versions 0.1 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited to gain unauthorized acces...

WordPress Plugin Propagator plugin <= 0.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Plugin Propagator versions = 0.1...

WordPress Plugin Propagator Plugin <= 0.1 is vulnerable to Arbitrary File Upload

Software Plugin Propagator Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-50495 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 8034c466a94c Credits stealthcopter Required privilege...

Malicious code in propagator-jaeger (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-9784 Malicious code in propagator-jaeger (npm)

--- -= Per source details. Do not edit below this line.=-...

Privilege Escalation

github.com/stolostron/governance-policy-propagator is vulnerable to Privilege Escalation. In a formed policy, the library makes it possible for dynamically acquired policies to leverage cluster scoped access, enabling a local attacker to access resources from the namespace where the policy was...

CVE-2023-3027

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...

CVE-2023-3027

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...

CVE-2023-3027

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...

Code injection

The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values instead of the policy apply a static manifest on a managed cluster of taking advantage of cluster scoped access in a created policy. This feature...