VYPR

NuGet package

opentelemetry.exporter.opentelemetryprotocol

pkg:nuget/opentelemetry.exporter.opentelemetryprotocol

Vulnerabilities (3)

  • CVE-2026-42191MedMay 12, 2026
    affected >= 1.8.0, < 1.15.3fixed 1.15.3

    OpenTelemetry.Exporter.OpenTelemetryProtocol is the OTLP (OpenTelemetry Protocol) exporter implementation. From 1.8.0 to 1.15.2, the OTLP disk retry feature in OpenTelemetry.Exporter.OpenTelemetryProtocol silently fell back to Path.GetTempPath() when OTEL_DOTNET_EXPERIMENTAL_OTLP

  • CVE-2026-40891MedApr 23, 2026
    affected >= 1.13.1, < 1.15.3fixed 1.15.3

    OpenTelemetry dotnet is a dotnet telemetry framework. From 1.13.1 to before 1.15.2, When exporting telemetry over gRPC using the OpenTelemetry Protocol (OTLP), the exporter may parse a server-provided grpc-status-details-bin trailer during retry handling. Prior to the fix, a malf

  • CVE-2026-40182MedApr 23, 2026
    affected >= 1.13.1, < 1.15.2fixed 1.15.2

    OpenTelemetry dotnet is a dotnet telemetry framework. From 1.13.1 to before 1.15.2, When exporting telemetry to a back-end/collector over gRPC or HTTP using OpenTelemetry Protocol format (OTLP), if the request results in a unsuccessful request (i.e. HTTP 4xx or 5xx), the response