GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
5 advisories
OpenTelemetry.Sampler.AWS & OpenTelemetry.Resources.AWS have unbounded HTTP response body reads
Moderate
CVE-2026-41173
was published
for
OpenTelemetry.Resources.AWS
(NuGet)
Apr 23, 2026
OpenTelemetry dotnet: Excessive memory allocation when parsing OpenTelemetry propagation headers
Moderate
CVE-2026-40894
was published
for
OpenTelemetry.Api
(NuGet)
Apr 23, 2026
OpenTelemetry dotnet: Unbounded `grpc-status-details-bin` parsing in OTLP/gRPC retry handling
Moderate
CVE-2026-40891
was published
for
OpenTelemetry.Exporter.OpenTelemetryProtocol
(NuGet)
Apr 23, 2026
OpenTelemetry dotnet: OTLP exporter reads unbounded HTTP response bodies
Moderate
CVE-2026-40182
was published
for
OpenTelemetry.Exporter.OpenTelemetryProtocol
(NuGet)
Apr 23, 2026
Valid ECDSA signatures erroneously rejected in Elliptic
Low
CVE-2024-48948
was published
for
elliptic
(npm)
Oct 15, 2024
ProTip!
Advisories are also available from the
GraphQL API