Vulnerabilidades en open-telemetry
44 resultadosCVE-2023-47108HIGHDoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metricsEPSS 1.6%CVE-2023-45142HIGHOpenTelemetry-Go Contrib has DoS vulnerability in otelhttp due to unbound cardinality metricsEPSS 1.4%CVE-2024-36129HIGHOpenTelemetry Collector has a Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPCEPSS 1.0%CVE-2023-25151HIGHDoS vulnerability for high cardinality metrics in opentelemetry-go-contribEPSS 1.0%CVE-2026-33701CRITICALOpenTelemetry: Unsafe Deserialization in RMI Instrumentation may Lead to Remote Code ExecutionEPSS 0.9%CVE-2023-43810HIGHopentelemetry-instrumentation Denial of Service vulnerability due to unbound cardinality metricsEPSS 0.7%CVE-2023-39951MEDIUMInstrumentation for AWS SDK v2 captures email content when using Amazon Simple Email Service (SES) v1 API, exposing that content to the telemetry backendEPSS 0.7%CVE-2024-42368MEDIUMopen-telemetry has an Observable Timing DiscrepancyEPSS 0.6%CVE-2026-45292MEDIUMopentelemetry-java: Unbounded Memory Allocation in W3C Baggage PropagationEPSS 0.5%CVE-2024-45043MEDIUMOpenTelemetry Collector AWS Firehose Receiver Authentication Bypass VulnerabilityEPSS 0.5%CVE-2025-27513HIGHOpenTelemetry .NET has a Denial of Service (DoS) Vulnerability in API PackageEPSS 0.5%CVE-2026-45685HIGHOpenTelemetry eBPF Instrumentation: MongoDB parser panics on malformed wire messagesEPSS 0.5%CVE-2026-40894MEDIUMOpenTelemetry dotnet: Excessive memory allocation when parsing OpenTelemetry propagation headersEPSS 0.5%CVE-2026-44902HIGHopentelemetry-js: Prometheus exporter process crash via malformed HTTP requestEPSS 0.5%CVE-2026-45686HIGHOpenTelemetry eBPF Instrumentation: Memcached payload length overflow can crash OBIEPSS 0.4%CVE-2026-45678HIGHOpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloadsEPSS 0.3%CVE-2026-41484MEDIUMOpenTelemetry.Exporter.OneCollector vulnerable to denial of service via unbounded HTTP error response bodyEPSS 0.3%CVE-2026-29181HIGHOpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification)EPSS 0.3%CVE-2026-41483MEDIUMUnbounded HTTP response body read in OpenTelemetry.Resources.AzureEPSS 0.3%CVE-2026-45680MEDIUMOpenTelemetry eBPF Instrumentation: Unbounded BPF internal metrics replay can exhaust CPUEPSS 0.3%