Filtered by vendor Opentelemetry Subscriptions
Filtered by product Opentelemetry.exporter.jaeger Subscriptions

Search

Switch to Advanced Search (Beta)
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-41078 1 Opentelemetry 2 Opentelemetry-dotnet, Opentelemetry.exporter.jaeger 2026-04-28 5.9 Medium
OpenTelemetry dotnet is a dotnet telemetry framework. In 1.6.0-rc.1 and earlier, OpenTelemetry.Exporter.Jaeger may allow sustained memory pressure when the internal pooled-list sizing grows based on a large observed span/tag set and that enlarged size is reused for subsequent allocations. Under high-cardinality or attacker-influenced telemetry input, this can increase memory consumption and potentially cause denial of service. There is no plan to fix this issue as OpenTelemetry.Exporter.Jaeger was deprecated in 2023.