CVE-2026-45292
MEDIUM SEVERITYCVSS Score & Metrics
Base Score
5.3 / 10
Vulnerability Description
OpenTelemetry Java SDK has Unbounded Memory Allocation in W3C Baggage Propagation
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
maven
Product
io.opentelemetry:opentelemetry-api
External References
- https://github.com/open-telemetry/opentelemetry-java/security/advisories/GHSA-rcgg-9c38-7xpx
- https://github.com/open-telemetry/opentelemetry-java/pull/8380
- https://github.com/open-telemetry/opentelemetry-java/commit/03837d3c1763bc35464aea1078671e2ef2336a5f
- https://github.com/open-telemetry/opentelemetry-java/releases/tag/v1.62.0
- https://github.com/advisories/GHSA-rcgg-9c38-7xpx
Discussion (0)
Add Comment
No comments yet. Be the first!