Opentelemetry.Api
Approved changes feed: RSS · Atom
cpe:2.3:a:opentelemetry:opentelemetry.api:*:*:*:*:*:.net:*:*
part: a version: * update: *
| Vendor | Opentelemetry (39d78cb4-5c3d-536d-a86d-5fcb2abd36d8) |
|---|---|
| Product | Opentelemetry.Api (05be4697-7974-5069-b88b-dd158e2da6b1) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | .net |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/open-telemetry/opentelemetry-dotnet |
purl2cpe | 2026-06-01 10:13:47.654370 |
pkg:nuget/opentelemetry.api |
purl2cpe | 2026-06-01 10:13:47.654372 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-40894 |
vulnerable | 2026-06-03 15:23:35.179758 |
OpenTelemetry dotnet: Excessive memory allocation when parsing OpenTelemetry propagation headers
MEDIUM (5.3)
OpenTelemetry dotnet is a dotnet telemetry framework. In OpenTelemetry.Api 0.5.0-beta.2 to 1.15.2 and OpenTelemetry.Extensions.Propagators 1.3.1 to 1.15.2, The implementation details of the baggage, B3 and Jaeger processing code in the OpenTelemetry.Api and OpenTelemetry.Extensions.Propagators NuGet packages can allocate excessive memory when parsing which could create a potential denial of service (DoS) in the consuming application. This vulnerability is fixed in 1.15.3.
Published: 2026-04-23T18:03:28.211Z
Updated: 2026-04-23T19:22:47.268Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.