Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2 advisories

Loading
opentelemetry-go's baggage parsing no longer caps raw header length Moderate
CVE-2026-41178 was published for go.opentelemetry.io/otel/baggage (Go) May 28, 2026
pellared Credited to pellared and XSAM XSAM XSAM
OpenTelemetry-Go: multi-value `baggage` header extraction causes excessive allocations (remote dos amplification) High
CVE-2026-29181 was published for go.opentelemetry.io/otel (Go) Apr 7, 2026
1seal Credited to 1seal, XSAM, and Ankush-Pathak XSAM XSAM
Ankush-Pathak Ankush-Pathak
ProTip! Advisories are also available from the GraphQL API