Filtered by vendor Opentelemetry
Subscriptions
Filtered by product Exporter-prometheus
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-44902 | 1 Opentelemetry | 4 Auto-instrumentations-node, Exporter-prometheus, Opentelemetry-js and 1 more | 2026-05-30 | 7.5 High |
| opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 0.217.0, a single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics endpoint (default 0.0.0.0:9464) has no error handling around URL parsing, so a request with an invalid URI causes an uncaught TypeError that terminates the process. This vulnerability is fixed in 0.217.0. | ||||
Page 1 of 1.