VYPR

Go modules package

go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp

pkg:golang/go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp

Vulnerabilities (1)

  • CVE-2026-39882MedApr 8, 2026
    affected < 1.43.0fixed 1.43.0

    OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to 1.43.0, the otlp HTTP exporters (traces/metrics/logs) read the full HTTP response body into an in-memory bytes.Buffer without a size cap. This is exploitable for memory exhaustion when the configured collector e