Open-telemetry Opentelemetry-dotnet-contrib
5 CVEs affecting Open-telemetry Opentelemetry-dotnet-contrib. Latest disclosed: 2026-05-26. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-44213 | Medium | 6.5 | 2026-05-26 | The OpenTelemetry.Exporter.Instana exports telemetry to Instana backend. Prior to 1.1.0, the OpenTelemetry.Exporter.Instana NuGet package does not validate HTT… |
CVE-2026-42348 | Medium | 5.9 | 2026-05-12 | OpenTelemetry.OpAmp.Client is the OpAMP client for OpenTelemetry .NET. Prior to 0.2.0-alpha.1, when receiving responses from the OpAMP server over HTTP, the Op… |
CVE-2026-41483 | Medium | 5.9 | 2026-05-06 | OpenTelemetry.Resources.Azure is the .NET resource detector for Azure environments. In versions 1.15.0-beta.1 and earlier, the AzureVmMetaDataRequestor class m… |
CVE-2026-41173 | Medium | 5.9 | 2026-04-23 | The AWS X-Ray Remote Sampler package provides a sampler which can get sampling configurations from AWS X-Ray. Prior to 0.1.0-alpha.8, OpenTelemetry.Sampler.AWS… |
CVE-2026-41484 | Medium | 5.3 | 2026-05-06 | OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-end over HTTP. In versions 1.15.0 and earlier, when a reques… |