VDB
CVE-2025-27513
CVE-2025-27513
PUBLISHED
CVSS 7.5 HIGH
OpenTelemetry .NET has Denial of Service (DoS) Vulnerability in API Package
EPSS 0.05% · 16.4th percentile
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.05%
16.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| open-telemetry | opentelemetry-dotnet | * |
| NuGet | OpenTelemetry.Api | 1.10.0, 1.10.0-beta.1, 1.10.0-rc.1 |
Timeline
- Jan 21, 1970 Security Advisory
- Mar 5, 2025 CVE Published
- Mar 6, 2025 EPSS Score
- Mar 20, 2025 EPSS Score
- Mar 25, 2025 Coalition ESS Score
- Apr 3, 2025 EPSS Score
- Apr 16, 2025 EPSS Score
- Apr 30, 2025 EPSS Score
- May 14, 2025 EPSS Score
- May 28, 2025 EPSS Score
- Jun 10, 2025 EPSS Score
- Jun 24, 2025 EPSS Score
References
- https://github.com/open-telemetry/opentelemetry-dotnet/security/advisories/GHSA-8785-wc3w-h8q6 url
- https://github.com/open-telemetry/opentelemetry-dotnet/commit/1b555c1201413f2f55f2cd3c4ba03ef4b615b6b5 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-27513 advisory
- https://github.com/open-telemetry/opentelemetry-dotnet/pull/6161 url
- https://github.com/open-telemetry/opentelemetry-dotnet package