Open-telemetry Opentelemetry-dotnet
8 CVEs affecting Open-telemetry Opentelemetry-dotnet. Latest disclosed: 2026-05-12. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-27513 | High | 7.5 | 2025-03-05 | OpenTelemetry dotnet is a dotnet telemetry framework. A vulnerability in OpenTelemetry.Api package 1.10.0 to 1.11.1 could cause a Denial of Service (DoS) when… |
CVE-2026-42191 | Medium | 6.5 | 2026-05-12 | OpenTelemetry.Exporter.OpenTelemetryProtocol is the OTLP (OpenTelemetry Protocol) exporter implementation. From 1.8.0 to 1.15.2, the OTLP disk retry feature in… |
CVE-2026-41078 | Medium | 5.9 | 2026-04-23 | OpenTelemetry dotnet is a dotnet telemetry framework. In 1.6.0-rc.1 and earlier, OpenTelemetry.Exporter.Jaeger may allow sustained memory pressure when the int… |
CVE-2026-41310 | Medium | 5.3 | 2026-05-06 | OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTelemetry. In versions 1.15.2 and earlier, the Zipkin exporter remote endpoint cache accepts… |
CVE-2026-40894 | Medium | 5.3 | 2026-04-23 | OpenTelemetry dotnet is a dotnet telemetry framework. In OpenTelemetry.Api 0.5.0-beta.2 to 1.15.2 and OpenTelemetry.Extensions.Propagators 1.3.1 to 1.15.2, The… |
CVE-2026-40891 | Medium | 5.3 | 2026-04-23 | OpenTelemetry dotnet is a dotnet telemetry framework. From 1.13.1 to before 1.15.2, When exporting telemetry over gRPC using the OpenTelemetry Protocol (OTLP)… |
CVE-2026-40182 | Medium | 5.3 | 2026-04-23 | OpenTelemetry dotnet is a dotnet telemetry framework. From 1.13.1 to before 1.15.2, When exporting telemetry to a back-end/collector over gRPC or HTTP using Op… |
CVE-2024-32028 | Medium | 4.1 | 2024-04-12 | OpenTelemetry dotnet is a dotnet telemetry framework. In affected versions of `OpenTelemetry.Instrumentation.Http` and `OpenTelemetry.Instrumentation.AspNetCor… |