Lucene search
K

46 matches found

Wolfi
Wolfi
added 2026/06/13 7:48 a.m.11 views

GHSA-H2QV-FJ59-J46J vulnerabilities

Vulnerabilities for packages: tez, zipkin, apache-pulsar, celeborn, thingsboard, apicurio-registry, apache-activemq-artemis, neo4j, management-api-for-apache-cassandra-5.0...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2026/06/13 7:48 a.m.12 views

CVE-2026-48059 vulnerabilities

Vulnerabilities for packages: tez, zipkin, apache-pulsar, celeborn, thingsboard, apicurio-registry, apache-activemq-artemis, neo4j, management-api-for-apache-cassandra-5.0...

8.7CVSS5.9AI score0.0059EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/13 1:18 a.m.11 views

GHSA-H2QV-FJ59-J46J vulnerabilities

Vulnerabilities for packages: apache-hop, request-9047-keycloak-fips, apache-hop-fips, zipkin, apache-activemq-artemis, keycloak-fips, celeborn, knative-kafka-broker-fips, tez, thingsboard, pinot, pinot-fips, apache-pulsar-fips, knative-kafka-broker, neo4j, apache-pulsar,...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/13 1:18 a.m.11 views

CVE-2026-48059 vulnerabilities

Vulnerabilities for packages: apache-hop, request-9047-keycloak-fips, apache-hop-fips, zipkin, apache-activemq-artemis, keycloak-fips, celeborn, knative-kafka-broker-fips, tez, thingsboard, pinot, pinot-fips, apache-pulsar-fips, knative-kafka-broker, neo4j, apache-pulsar,...

8.7CVSS5.9AI score0.0059EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.9 views

CVE-2026-41310

OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTelemetry. In versions 1.15.2 and earlier, the Zipkin exporter remote endpoint cache accepts unbounded key growth derived from span attributes. In high-cardinality scenarios, a process using Zipkin export for client or producer spa...

5.3CVSS5.5AI score0.00311EPSS
Exploits0References1
Wolfi
Wolfi
added 2026/05/10 1:48 p.m.18 views

GHSA-7PWC-H2J2-RJGJ vulnerabilities

Vulnerabilities for packages: spark, zipkin...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2026/05/10 1:48 p.m.18 views

CVE-2026-43869 vulnerabilities

Vulnerabilities for packages: spark, zipkin...

7.3CVSS5.8AI score0.00632EPSS
Exploits0
NVD
NVD
added 2026/05/06 10:16 p.m.12 views

CVE-2026-41310

OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTelemetry. In versions 1.15.2 and earlier, the Zipkin exporter remote endpoint cache accepts unbounded key growth derived from span attributes. In high-cardinality scenarios, a process using Zipkin export for client or producer spa...

5.3CVSS0.00311EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/06 8:54 p.m.48 views

CVE-2026-41310 OpenTelemetry .NET Zipkin exporter has unbounded remote endpoint cache leading to memory growth

OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTelemetry. In versions 1.15.2 and earlier, the Zipkin exporter remote endpoint cache accepts unbounded key growth derived from span attributes. In high-cardinality scenarios, a process using Zipkin export for client or producer spa...

5.3CVSS0.00311EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 8:54 p.m.25 views

CVE-2026-41310

OpenTelemetry.Exporter.Zipkin for .NET (Zipkin exporter) has an unbounded remote endpoint cache in versions up to 1.15.2, where keys derived from span attributes can grow without bound in high-cardinality scenarios, leading to memory growth and degraded availability. The issue is addressed in ver...

5.3CVSS5.8AI score0.00311EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/06 8:54 p.m.6 views

CVE-2026-41310 OpenTelemetry .NET Zipkin exporter has unbounded remote endpoint cache leading to memory growth

OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTelemetry. In versions 1.15.2 and earlier, the Zipkin exporter remote endpoint cache accepts unbounded key growth derived from span attributes. In high-cardinality scenarios, a process using Zipkin export for client or producer spa...

5.3CVSS5.8AI score0.00311EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/06 8:54 p.m.5 views

CVE-2026-41310

OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTelemetry. In versions 1.15.2 and earlier, the Zipkin exporter remote endpoint cache accepts unbounded key growth derived from span attributes. In high-cardinality scenarios, a process using Zipkin export for client or producer spa...

5.3CVSS5.8AI score0.00311EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/05/06 8:54 p.m.6 views

EUVD-2026-28222

OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTelemetry. In versions 1.15.2 and earlier, the Zipkin exporter remote endpoint cache accepts unbounded key growth derived from span attributes. In high-cardinality scenarios, a process using Zipkin export for client or producer spa...

5.3CVSS5.8AI score0.00311EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.11 views

OpenTelemetry 资源管理错误漏洞

OpenTelemetry is an open-source, vendor-neutral, open-source observability framework developed by OpenTelemetry. Versions of OpenTelemetry 1.15.2 and earlier contained a resource management vulnerability. This vulnerability stemmed from the Zipkin exporter’s remote endpoint caching unbounded key...

5.3CVSS5.8AI score0.00311EPSS
Exploits0References1
OSV
OSV
added 2026/04/28 11:23 p.m.4 views

GHSA-88HF-WF7H-7W4M OpenTelemetry's Zipkin remote endpoint cache could grow without bounds and increase memory pressure

Summary The Zipkin exporter remote endpoint cache accepted unbounded key growth derived from span attributes. In high-cardinality scenarios, this could increase process memory usage over time and degrade availability. Details - Introduce a bounded, thread-safe LRU cache for remote endpoints. -...

5.3CVSS5.8AI score0.00311EPSS
Exploits0References5
Snyk
Snyk
added 2026/04/28 11:23 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview OpenTelemetry.Exporter.Zipkin is a Zipkin Exporter for OpenTelemetry .NET. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to unbounded growth of the remote endpoint cache derived from span attributes. An attacker can cause...

6.9CVSS5.8AI score0.00311EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/28 11:23 p.m.15 views

OpenTelemetry's Zipkin remote endpoint cache could grow without bounds and increase memory pressure

Summary The Zipkin exporter remote endpoint cache accepted unbounded key growth derived from span attributes. In high-cardinality scenarios, this could increase process memory usage over time and degrade availability. Details - Introduce a bounded, thread-safe LRU cache for remote endpoints. -...

5.3CVSS5.4AI score0.00311EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.9 views

PT-2026-35933

Name of the Vulnerable Software and Affected Versions OpenTelemetry.Exporter.Zipkin versions prior to 1.15.3 Description The remote endpoint cache in the Zipkin exporter accepts unbounded key growth derived from span attributes. In high-cardinality scenarios—situations where there is a large numb...

5.3CVSS5.8AI score0.00311EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-20090

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.00284EPSS
Exploits0References4
Veracode
Veracode
added 2025/07/08 4:40 a.m.10 views

Sensitive Information Exposure

io.zipkin, zipkin-server is vulnerable to Sensitive Information Exposure. The vulnerability is due to the presence of an unprotected /heapdump endpoint associated with Spring Boot Actuator, which allows an attacker to retrieve memory dumps and potentially extract sensitive data. Note: There is a...

5.3CVSS9.3AI score0.00284EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder