15 matches found
Memory Allocation with Excessive Size Value
Overview OpenTelemetry.Exporter.OpenTelemetryProtocol is an OTLP Exporter for OpenTelemetry .NET. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the grpc-status-details-bin parsing process during OTLP/gRPC retry handling. An attacker can cause...
EUVD-2026-25268
OpenTelemetry dotnet: Unbounded grpc-status-details-bin parsing in OTLP/gRPC retry handling...
GHSA-MR8R-92FQ-PJ8P OpenTelemetry dotnet: Unbounded `grpc-status-details-bin` parsing in OTLP/gRPC retry handling
Summary When exporting telemetry over gRPC using the OpenTelemetry Protocol OTLP, the exporter may parse a server-provided grpc-status-details-bin trailer during retry handling. Prior to the fix, a malformed trailer could encode an extremely large length-delimited protobuf field which was used...
OpenTelemetry dotnet: Unbounded `grpc-status-details-bin` parsing in OTLP/gRPC retry handling
Summary When exporting telemetry over gRPC using the OpenTelemetry Protocol OTLP, the exporter may parse a server-provided grpc-status-details-bin trailer during retry handling. Prior to the fix, a malformed trailer could encode an extremely large length-delimited protobuf field which was used...
CVE-2026-40891 OpenTelemetry dotnet: Unbounded `grpc-status-details-bin` parsing in OTLP/gRPC retry handling
OpenTelemetry dotnet is a dotnet telemetry framework. From 1.13.1 to before 1.15.2, When exporting telemetry over gRPC using the OpenTelemetry Protocol OTLP, the exporter may parse a server-provided grpc-status-details-bin trailer during retry handling. Prior to the fix, a malformed trailer could...
CVE-2026-40891
OpenTelemetry dotnet is a dotnet telemetry framework. From 1.13.1 to before 1.15.2, When exporting telemetry over gRPC using the OpenTelemetry Protocol OTLP, the exporter may parse a server-provided grpc-status-details-bin trailer during retry handling. Prior to the fix, a malformed trailer could...
CVE-2026-40891 OpenTelemetry dotnet: Unbounded `grpc-status-details-bin` parsing in OTLP/gRPC retry handling
OpenTelemetry dotnet is a dotnet telemetry framework. From 1.13.1 to before 1.15.2, When exporting telemetry over gRPC using the OpenTelemetry Protocol OTLP, the exporter may parse a server-provided grpc-status-details-bin trailer during retry handling. Prior to the fix, a malformed trailer could...
CVE-2026-40891
OpenTelemetry dotnet (OpenTelemetry .NET telemetry framework) contains a vulnerability in versions 1.13.1 through before 1.15.2. During OTLP/gRPC export, the exporter may parse a server-provided grpc-status-details-bin trailer during retry handling. A malformed trailer could encode a very large l...
CVE-2024-10663
creationtimestamp| type| source ---|---|--- 2024-12-04 02:52:55+00:00| seen| https://infosec.exchange/users/cve/statuses/113592288867590287 2024-12-04 05:02:39+00:00| seen| https://t.me/cvedetector/11941...
CVE-2024-50554
creationtimestamp| type| source ---|---|--- 2024-11-19 18:37:31+00:00| seen| https://infosec.exchange/users/cve/statuses/113511068517919150...
CVE-2024-48312
creationtimestamp| type| source ---|---|--- 2024-11-05 17:06:10+00:00| seen| https://infosec.exchange/users/cve/statuses/113431436992806213 2024-11-05 18:54:01+00:00| seen| https://t.me/cvedetector/9910...
Centreon XSS Vulnerability
Centreon 3.4.x fixed in Centreon 18.10.0 allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring Status Details Services" screen...
GHSA-8VH5-J6XJ-5953 Centreon XSS Vulnerability
Centreon 3.4.x fixed in Centreon 18.10.0 allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring Status Details Services" screen...
CVE-2018-19311
Centreon 3.4.x fixed in Centreon 18.10.0 allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring Status Details Services" screen...
Design/Logic Flaw
Centreon 3.4.x fixed in Centreon 18.10.0 allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring Status Details Services" screen...