CVE-2026-39882 - GitHub Advisory Database (original) (raw)

Skip to content

Navigation Menu

• Pricing

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Sign up

Appearance settings

1. GitHub Advisory Database
2. GitHub Reviewed
3. CVE-2026-39882

opentelemetry-go: OTLP HTTP exporters read unbounded HTTP response bodies

Package

gomod go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp (Go)

Affected versions

< 0.19.0

gomod go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp (Go)

gomod go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp (Go)

Description

Published to the GitHub Advisory Database

Apr 8, 2026