10 matches found
EUVD-2026-36797
In Spring Cloud Sleuth, it is possible for a user to provide specially crafted calls that may cause a denial-of-service DoS condition. The application is vulnerable when it uses a vulnerable version of org.springframework.cloud:spring-cloud-sleuth-instrumentation and Spring TX instrumentation is...
CVE-2026-41708
In Spring Cloud Sleuth, it is possible for a user to provide specially crafted calls that may cause a denial-of-service DoS condition. The application is vulnerable when it uses a vulnerable version of org.springframework.cloud:spring-cloud-sleuth-instrumentation and Spring TX instrumentation is...
CVE-2026-41708 Spring Cloud Sleuth instrumentation of Spring TX DoS vulnerability
In Spring Cloud Sleuth, it is possible for a user to provide specially crafted calls that may cause a denial-of-service DoS condition. The application is vulnerable when it uses a vulnerable version of org.springframework.cloud:spring-cloud-sleuth-instrumentation and Spring TX instrumentation is...
CVE-2026-41708 Spring Cloud Sleuth instrumentation of Spring TX DoS vulnerability
In Spring Cloud Sleuth, it is possible for a user to provide specially crafted calls that may cause a denial-of-service DoS condition. The application is vulnerable when it uses a vulnerable version of org.springframework.cloud:spring-cloud-sleuth-instrumentation and Spring TX instrumentation is...
CVE-2026-41708
The CVE describes a DoS vulnerability in Spring Cloud Sleuth via the Spring TX instrumentation when using vulnerable versions of org.springframework.cloud:spring-cloud-sleuth-instrumentation (SLEUTH 3.1.0–3.1.13). The root cause is exposure of the transaction instrumentation to crafted calls, all...
PT-2026-49304
Name of the Vulnerable Software and Affected Versions Spring Cloud Sleuth versions 3.1.0 through 3.1.13 Description A denial-of-service DoS condition can be triggered when a user provides specially crafted calls. This occurs in applications using the...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Spring TX transaction instrumentation classes in this package. A remote user can issue calls that drive the transaction instrumentation to allocate resources without limits or...
CVE-2026-41708: Spring Cloud Sleuth instrumentation of Spring TX DoS vulnerability
In Spring Cloud Sleuth, it is possible for a user to provide specially crafted calls that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true:...
Context Propagation with Project Reactor 2 - The bumpy road of Spring Cloud Sleuth
This post is a part of a series: 1. The Basics 2. The bumpy road of Spring Cloud Sleuth 3. Unified Bridging between Reactive and Imperative Spring Cloud Sleuth recently became Micrometer Tracing, part of the Micrometer project. Most of the tracing instrumentation is centered within Micrometer und...
Context Propagation with Project Reactor 2 - The bumpy road of Spring Cloud Sleuth
This post is a part of a series: 1. The Basics 2. The bumpy road of Spring Cloud Sleuth 3. Unified Bridging between Reactive and Imperative Spring Cloud Sleuth recently became Micrometer Tracing, part of the Micrometer project. Most of the tracing instrumentation is centered within Micrometer und...