CVE-2026-40894 in opentelemetry-dotnetالمعلومات

الملخص

بحسب MITRE • 23/04/2026

OpenTelemetry dotnet is a dotnet telemetry framework. In OpenTelemetry.Api 0.5.0-beta.2 to 1.15.2 and OpenTelemetry.Extensions.Propagators 1.3.1 to 1.15.2, The implementation details of the baggage, B3 and Jaeger processing code in the OpenTelemetry.Api and OpenTelemetry.Extensions.Propagators NuGet packages can allocate excessive memory when parsing which could create a potential denial of service (DoS) in the consuming application. This vulnerability is fixed in 1.15.3.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

GitHub M

حجز

15/04/2026

إفشاء

23/04/2026

الاعتدال

تمت الموافقة

إدخال

VDB-359187

CPE

جاهز

CWE

CWE-789 (مؤكد)

CVSS

5.3 (CNA)

EPSS

0.00028

KEV

لا

النشاطات

منخفض جدًا

القطاع

Telecommunication, Government, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-40894
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-40894
CVE Details	https://www.cvedetails.com/cve/CVE-2026-40894/

التالي ▸نظرة عامة ◂ السابق

Might our Artificial Intelligence support you?

Check our Alexa App!