[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-45142":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":406,"aliases":407,"duplicate_of":9,"upstream":410,"downstream":411,"duplicates":450,"related":451,"reserved_at":9,"published_at":545,"modified_at":546,"state":547,"summary":548,"references_raw":557,"kevs":619,"epss":620,"epss_history":623,"metrics":882,"affected":892},"CVE-2023-45142","OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels `http.user_agent` and `http.method` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP header User-Agent or HTTP method for requests can be easily set by an attacker to be random and long. The library internally uses `httpconv.ServerRequest` that records every value for HTTP `method` and `User-Agent`. In order to be affected, a program has to use the `otelhttp.NewHandler` wrapper and not filter any unknown HTTP methods or User agents on the level of CDN, LB, previous middleware, etc. Version 0.44.0 fixed this issue when the values collected for attribute `http.request.method` were changed to be restricted to a set of well-known values and other high cardinality attributes were removed. As a workaround to stop being affected, `otelhttp.WithFilter()` can be used, but it requires manual careful configuration to not log certain requests entirely. For convenience and safe usage of this library, it should by default mark with the label `unknown` non-standard HTTP methods and User agents to show that such requests were made but do not increase cardinality. In case someone wants to stay with the current behavior, library API should allow to enable it.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-770","Allocation of Resources Without Limits or Throttling","The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.","weakness","Incomplete","Base","High",[20,106,116,120,124,128,132,136,168,230,234,238,268,298,330,334,338,342,346,350],{"id":21,"name":22,"techniques":23},"CAPEC-125","Flooding",[24,78],{"id":25,"name":26,"tactics":27,"countermeasures":31},"T1498.001","Direct Network Flood",[28],{"id":29,"name":30},"TA0105","Impact",[32,37,41,45,49,53,57,61,65,69,74],{"id":33,"name":34,"tactic":35},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":36},"Detect",{"id":38,"name":39,"tactic":40},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":36},{"id":42,"name":43,"tactic":44},"D3-CSPP","Client-server Payload Profiling",{"name":36},{"id":46,"name":47,"tactic":48},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":36},{"id":50,"name":51,"tactic":52},"D3-NTSA","Network Traffic Signature Analysis",{"name":36},{"id":54,"name":55,"tactic":56},"D3-APCA","Application Protocol Command Analysis",{"name":36},{"id":58,"name":59,"tactic":60},"D3-NTCD","Network Traffic Community Deviation",{"name":36},{"id":62,"name":63,"tactic":64},"D3-RTSD","Remote Terminal Session Detection",{"name":36},{"id":66,"name":67,"tactic":68},"D3-ISVA","Inbound Session Volume Analysis",{"name":36},{"id":70,"name":71,"tactic":72},"D3-NTF","Network Traffic Filtering",{"name":73},"Isolate",{"id":75,"name":76,"tactic":77},"D3-ITF","Inbound Traffic Filtering",{"name":73},{"id":79,"name":80,"tactics":81,"countermeasures":83},"T1499","Endpoint Denial of Service",[82],{"id":29,"name":30},[84,86,88,90,92,94,96,98,100,102,104],{"id":33,"name":34,"tactic":85},{"name":36},{"id":38,"name":39,"tactic":87},{"name":36},{"id":42,"name":43,"tactic":89},{"name":36},{"id":46,"name":47,"tactic":91},{"name":36},{"id":50,"name":51,"tactic":93},{"name":36},{"id":54,"name":55,"tactic":95},{"name":36},{"id":58,"name":59,"tactic":97},{"name":36},{"id":62,"name":63,"tactic":99},{"name":36},{"id":66,"name":67,"tactic":101},{"name":36},{"id":70,"name":71,"tactic":103},{"name":73},{"id":75,"name":76,"tactic":105},{"name":73},{"id":107,"name":108,"techniques":109},"CAPEC-130","Excessive Allocation",[110],{"id":111,"name":112,"tactics":113,"countermeasures":115},"T1499.003","Application Exhaustion Flood",[114],{"id":29,"name":30},[],{"id":117,"name":118,"techniques":119},"CAPEC-147","XML Ping of the Death",[],{"id":121,"name":122,"techniques":123},"CAPEC-197","Exponential Data Expansion",[],{"id":125,"name":126,"techniques":127},"CAPEC-229","Serialized Data Parameter Blowup",[],{"id":129,"name":130,"techniques":131},"CAPEC-230","Serialized Data with Nested Payloads",[],{"id":133,"name":134,"techniques":135},"CAPEC-231","Oversized Serialized Data Payloads",[],{"id":137,"name":138,"techniques":139},"CAPEC-469","HTTP DoS",[140],{"id":141,"name":142,"tactics":143,"countermeasures":145},"T1499.002","Service Exhaustion Flood",[144],{"id":29,"name":30},[146,148,150,152,154,156,158,160,162,164,166],{"id":33,"name":34,"tactic":147},{"name":36},{"id":38,"name":39,"tactic":149},{"name":36},{"id":42,"name":43,"tactic":151},{"name":36},{"id":46,"name":47,"tactic":153},{"name":36},{"id":50,"name":51,"tactic":155},{"name":36},{"id":54,"name":55,"tactic":157},{"name":36},{"id":58,"name":59,"tactic":159},{"name":36},{"id":62,"name":63,"tactic":161},{"name":36},{"id":66,"name":67,"tactic":163},{"name":36},{"id":70,"name":71,"tactic":165},{"name":73},{"id":75,"name":76,"tactic":167},{"name":73},{"id":169,"name":170,"techniques":171},"CAPEC-482","TCP Flood",[172,198,204],{"id":25,"name":26,"tactics":173,"countermeasures":175},[174],{"id":29,"name":30},[176,178,180,182,184,186,188,190,192,194,196],{"id":33,"name":34,"tactic":177},{"name":36},{"id":38,"name":39,"tactic":179},{"name":36},{"id":42,"name":43,"tactic":181},{"name":36},{"id":46,"name":47,"tactic":183},{"name":36},{"id":50,"name":51,"tactic":185},{"name":36},{"id":54,"name":55,"tactic":187},{"name":36},{"id":58,"name":59,"tactic":189},{"name":36},{"id":62,"name":63,"tactic":191},{"name":36},{"id":66,"name":67,"tactic":193},{"name":36},{"id":70,"name":71,"tactic":195},{"name":73},{"id":75,"name":76,"tactic":197},{"name":73},{"id":199,"name":200,"tactics":201,"countermeasures":203},"T1499.001","OS Exhaustion Flood",[202],{"id":29,"name":30},[],{"id":141,"name":142,"tactics":205,"countermeasures":207},[206],{"id":29,"name":30},[208,210,212,214,216,218,220,222,224,226,228],{"id":33,"name":34,"tactic":209},{"name":36},{"id":38,"name":39,"tactic":211},{"name":36},{"id":42,"name":43,"tactic":213},{"name":36},{"id":46,"name":47,"tactic":215},{"name":36},{"id":50,"name":51,"tactic":217},{"name":36},{"id":54,"name":55,"tactic":219},{"name":36},{"id":58,"name":59,"tactic":221},{"name":36},{"id":62,"name":63,"tactic":223},{"name":36},{"id":66,"name":67,"tactic":225},{"name":36},{"id":70,"name":71,"tactic":227},{"name":73},{"id":75,"name":76,"tactic":229},{"name":73},{"id":231,"name":232,"techniques":233},"CAPEC-486","UDP Flood",[],{"id":235,"name":236,"techniques":237},"CAPEC-487","ICMP Flood",[],{"id":239,"name":240,"techniques":241},"CAPEC-488","HTTP Flood",[242],{"id":141,"name":142,"tactics":243,"countermeasures":245},[244],{"id":29,"name":30},[246,248,250,252,254,256,258,260,262,264,266],{"id":33,"name":34,"tactic":247},{"name":36},{"id":38,"name":39,"tactic":249},{"name":36},{"id":42,"name":43,"tactic":251},{"name":36},{"id":46,"name":47,"tactic":253},{"name":36},{"id":50,"name":51,"tactic":255},{"name":36},{"id":54,"name":55,"tactic":257},{"name":36},{"id":58,"name":59,"tactic":259},{"name":36},{"id":62,"name":63,"tactic":261},{"name":36},{"id":66,"name":67,"tactic":263},{"name":36},{"id":70,"name":71,"tactic":265},{"name":73},{"id":75,"name":76,"tactic":267},{"name":73},{"id":269,"name":270,"techniques":271},"CAPEC-489","SSL Flood",[272],{"id":141,"name":142,"tactics":273,"countermeasures":275},[274],{"id":29,"name":30},[276,278,280,282,284,286,288,290,292,294,296],{"id":33,"name":34,"tactic":277},{"name":36},{"id":38,"name":39,"tactic":279},{"name":36},{"id":42,"name":43,"tactic":281},{"name":36},{"id":46,"name":47,"tactic":283},{"name":36},{"id":50,"name":51,"tactic":285},{"name":36},{"id":54,"name":55,"tactic":287},{"name":36},{"id":58,"name":59,"tactic":289},{"name":36},{"id":62,"name":63,"tactic":291},{"name":36},{"id":66,"name":67,"tactic":293},{"name":36},{"id":70,"name":71,"tactic":295},{"name":73},{"id":75,"name":76,"tactic":297},{"name":73},{"id":299,"name":300,"techniques":301},"CAPEC-490","Amplification",[302],{"id":303,"name":304,"tactics":305,"countermeasures":307},"T1498.002","Reflection Amplification",[306],{"id":29,"name":30},[308,310,312,314,316,318,320,322,324,326,328],{"id":33,"name":34,"tactic":309},{"name":36},{"id":38,"name":39,"tactic":311},{"name":36},{"id":42,"name":43,"tactic":313},{"name":36},{"id":46,"name":47,"tactic":315},{"name":36},{"id":50,"name":51,"tactic":317},{"name":36},{"id":54,"name":55,"tactic":319},{"name":36},{"id":58,"name":59,"tactic":321},{"name":36},{"id":62,"name":63,"tactic":323},{"name":36},{"id":66,"name":67,"tactic":325},{"name":36},{"id":70,"name":71,"tactic":327},{"name":73},{"id":75,"name":76,"tactic":329},{"name":73},{"id":331,"name":332,"techniques":333},"CAPEC-491","Quadratic Data Expansion",[],{"id":335,"name":336,"techniques":337},"CAPEC-493","SOAP Array Blowup",[],{"id":339,"name":340,"techniques":341},"CAPEC-494","TCP Fragmentation",[],{"id":343,"name":344,"techniques":345},"CAPEC-495","UDP Fragmentation",[],{"id":347,"name":348,"techniques":349},"CAPEC-496","ICMP Fragmentation",[],{"id":351,"name":352,"techniques":353},"CAPEC-528","XML Flood",[354,380],{"id":141,"name":142,"tactics":355,"countermeasures":357},[356],{"id":29,"name":30},[358,360,362,364,366,368,370,372,374,376,378],{"id":33,"name":34,"tactic":359},{"name":36},{"id":38,"name":39,"tactic":361},{"name":36},{"id":42,"name":43,"tactic":363},{"name":36},{"id":46,"name":47,"tactic":365},{"name":36},{"id":50,"name":51,"tactic":367},{"name":36},{"id":54,"name":55,"tactic":369},{"name":36},{"id":58,"name":59,"tactic":371},{"name":36},{"id":62,"name":63,"tactic":373},{"name":36},{"id":66,"name":67,"tactic":375},{"name":36},{"id":70,"name":71,"tactic":377},{"name":73},{"id":75,"name":76,"tactic":379},{"name":73},{"id":25,"name":26,"tactics":381,"countermeasures":383},[382],{"id":29,"name":30},[384,386,388,390,392,394,396,398,400,402,404],{"id":33,"name":34,"tactic":385},{"name":36},{"id":38,"name":39,"tactic":387},{"name":36},{"id":42,"name":43,"tactic":389},{"name":36},{"id":46,"name":47,"tactic":391},{"name":36},{"id":50,"name":51,"tactic":393},{"name":36},{"id":54,"name":55,"tactic":395},{"name":36},{"id":58,"name":59,"tactic":397},{"name":36},{"id":62,"name":63,"tactic":399},{"name":36},{"id":66,"name":67,"tactic":401},{"name":36},{"id":70,"name":71,"tactic":403},{"name":73},{"id":75,"name":76,"tactic":405},{"name":73},[],[408,409],"GHSA-rcjv-mgp8-qvmr","GO-2023-2113",[],[412,414,416,418,420,422,424,426,428,430,432,434,436,438,440,442,444,446,448],{"_key":413},"SUSE-SU-2024:3188-1",{"_key":415},"SUSE-SU-2024:3266-1",{"_key":417},"SUSE-SU-2024:4319-1",{"_key":419},"SUSE-SU-2024:3221-1",{"_key":421},"SUSE-SU-2024:3267-1",{"_key":423},"SUSE-SU-2024:3288-1",{"_key":425},"SUSE-SU-2024:4360-1",{"_key":427},"OPENSUSE-SU-2024:0211-1",{"_key":429},"OPENSUSE-SU-2024:0220-1",{"_key":431},"OPENSUSE-SU-2024:13360-1",{"_key":433},"OPENSUSE-SU-2024:13495-1",{"_key":435},"OPENSUSE-SU-2024:14232-1",{"_key":437},"OPENSUSE-SU-2024:14320-1",{"_key":439},"OPENSUSE-SU-2024:14321-1",{"_key":441},"SUSE-SU-2025:20091-1",{"_key":443},"SUSE-SU-2025:20110-1",{"_key":445},"SUSE-SU-2025:20259-1",{"_key":447},"UBUNTU-CVE-2023-45142",{"_key":449},"RHSA-2024:4118",[],[452,453,454,455,456,457,458,459,460,461,462,463,464,465,466,467,468,469,471,473,475,477,479,481,483,485,487,489,491,493,495,497,499,501,503,505,507,509,511,513,515,517,519,521,523,525,527,529,531,533,535,537,539,541,543],{"_key":413},{"_key":415},{"_key":417},{"_key":419},{"_key":421},{"_key":423},{"_key":425},{"_key":427},{"_key":429},{"_key":431},{"_key":433},{"_key":435},{"_key":437},{"_key":439},{"_key":441},{"_key":443},{"_key":445},{"_key":470},"CGA-2687-3W3C-H2PQ",{"_key":472},"CGA-397F-CW69-FR9X",{"_key":474},"CGA-3CV4-W4XV-7CHJ",{"_key":476},"CGA-3HR2-4RP2-62HP",{"_key":478},"CGA-3R26-RCJ2-H66R",{"_key":480},"CGA-48M6-JG22-57VJ",{"_key":482},"CGA-4VV2-M4FW-C88F",{"_key":484},"CGA-5GWJ-WWVF-4VCM",{"_key":486},"CGA-64P8-8Q49-8RPC",{"_key":488},"CGA-6GRQ-JF9P-VP73",{"_key":490},"CGA-6GV6-6Q3M-628R",{"_key":492},"CGA-75J3-C8Q9-R6QM",{"_key":494},"CGA-7CG8-GMHJ-68CP",{"_key":496},"CGA-7CPW-VRVP-9CJQ",{"_key":498},"CGA-87WR-9FMH-H4HG",{"_key":500},"CGA-8CW3-86J9-WP6G",{"_key":502},"CGA-9534-VRGQ-P7JF",{"_key":504},"CGA-9F2C-59Q2-9MW2",{"_key":506},"CGA-9GCW-RCRG-9M92",{"_key":508},"CGA-9MM8-43FR-GQCG",{"_key":510},"CGA-G52P-2FWR-4527",{"_key":512},"CGA-GQFX-G935-V5XG",{"_key":514},"CGA-H69M-QJX3-5GMC",{"_key":516},"CGA-M6M2-V446-5383",{"_key":518},"CGA-PQ24-27RH-W59M",{"_key":520},"CGA-PV65-V4M9-35MV",{"_key":522},"CGA-Q82P-C2HC-F79F",{"_key":524},"CGA-QGXJ-CVP8-QV6Q",{"_key":526},"CGA-QR22-6H8G-5CM3",{"_key":528},"CGA-RQX3-9JJW-VX9V",{"_key":530},"CGA-V34H-VMHJ-24XM",{"_key":532},"CGA-V3W8-P7J8-HP38",{"_key":534},"CGA-VPJ9-96XF-RG3F",{"_key":536},"CGA-WRMM-4CQ4-67RW",{"_key":538},"CGA-WXRM-373X-6QCJ",{"_key":540},"CVE-2023-25151",{"_key":542},"CVE-2022-21698",{"_key":544},"CGA-HGJV-CJ3F-PFJF","2023-10-12T16:33:21.435Z","2025-02-13T17:13:49.600Z","Modified",{"cisa_kev":549,"cisa_ransomware":549,"cisa_vendor":9,"epss_severity":550,"epss_score":551,"severity":552,"severity_score":553,"severity_version":554,"severity_source":555,"severity_vector":556,"severity_status":547},false,"low",0.01159,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[558,568,573,579,584,589,594,598,602,606,610,615],{"url":559,"sources":560,"tags":563},"https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr",[555,561,562],"nvd","osv_go",[564,565,566,567],"X Refsource CONFIRM","Vendor Advisory","WEB","Advisory",{"url":569,"sources":570,"tags":571},"https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-5r5m-65gx-7vrh",[555,561,562],[572,565,566],"X Refsource MISC",{"url":574,"sources":575,"tags":576},"https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4277",[555,561,562],[572,577,566,578],"Issue Tracking","FIX",{"url":580,"sources":581,"tags":582},"https://github.com/advisories/GHSA-cg3q-j54f-5p7p",[555,561,562],[572,583,567],"Third Party Advisory",{"url":585,"sources":586,"tags":587},"https://github.com/open-telemetry/opentelemetry-go-contrib/blob/5f7e6ad5a49b45df45f61a1deb29d7f1158032df/instrumentation/net/http/otelhttp/handler.go#L63-L65",[555,561,562],[572,588,566],"Product",{"url":590,"sources":591,"tags":592},"https://github.com/open-telemetry/opentelemetry-go-contrib/releases/tag/v1.19.0",[555,561,562],[572,593,566],"Release Notes",{"url":595,"sources":596,"tags":597},"https://github.com/open-telemetry/opentelemetry-go/blob/38e1b499c3da3107694ad2660b3888eee9c8b896/semconv/internal/v2/http.go#L223",[555,561,562],[572,588,566],{"url":599,"sources":600,"tags":601},"https://github.com/open-telemetry/opentelemetry-go/blob/v1.12.0/semconv/internal/v2/http.go#L159",[555,561,562],[572,588,566],{"url":603,"sources":604,"tags":605},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2UTRJ54INZG3OC2FTAN6AFB2RYNY2GAD/",[555,561],[],{"url":607,"sources":608,"tags":609},"https://nvd.nist.gov/vuln/detail/CVE-2023-45142",[562],[567],{"url":611,"sources":612,"tags":613},"https://github.com/open-telemetry/opentelemetry-go-contrib",[562],[614],"PACKAGE",{"url":616,"sources":617,"tags":618},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2UTRJ54INZG3OC2FTAN6AFB2RYNY2GAD",[562],[566],[],{"date":621,"score":551,"percentile":622},"2026-06-04",0.78923,[624,627,630,633,636,639,641,644,647,650,653,656,659,661,664,668,671,674,677,679,682,684,687,690,692,695,698,701,704,707,710,712,715,718,720,723,726,729,732,735,738,741,744,747,750,753,756,759,762,765,768,771,774,777,780,783,786,789,791,794,797,799,802,805,808,811,814,817,820,823,826,828,831,834,837,840,843,845,848,851,853,856,859,862,864,867,870,873,876,879],{"date":625,"score":551,"percentile":626},"2025-11-04",0.779,{"date":628,"score":551,"percentile":629},"2025-11-05",0.77902,{"date":631,"score":551,"percentile":632},"2025-11-06",0.77897,{"date":634,"score":551,"percentile":635},"2025-11-07",0.77912,{"date":637,"score":551,"percentile":638},"2025-11-08",0.77918,{"date":640,"score":551,"percentile":635},"2025-11-09",{"date":642,"score":551,"percentile":643},"2025-11-10",0.77901,{"date":645,"score":551,"percentile":646},"2025-11-11",0.77903,{"date":648,"score":551,"percentile":649},"2025-11-12",0.7792,{"date":651,"score":551,"percentile":652},"2025-11-13",0.7793,{"date":654,"score":551,"percentile":655},"2025-11-14",0.77939,{"date":657,"score":551,"percentile":658},"2025-11-15",0.77937,{"date":660,"score":551,"percentile":655},"2025-11-16",{"date":662,"score":551,"percentile":663},"2025-11-17",0.77932,{"date":665,"score":666,"percentile":667},"2025-11-18",0.04767,0.88375,{"date":669,"score":666,"percentile":670},"2025-11-19",0.88378,{"date":672,"score":666,"percentile":673},"2025-11-20",0.88381,{"date":675,"score":551,"percentile":676},"2025-11-21",0.77959,{"date":678,"score":551,"percentile":676},"2025-11-22",{"date":680,"score":551,"percentile":681},"2025-11-23",0.77943,{"date":683,"score":551,"percentile":681},"2025-11-24",{"date":685,"score":551,"percentile":686},"2025-11-25",0.77949,{"date":688,"score":551,"percentile":689},"2025-11-26",0.77955,{"date":691,"score":551,"percentile":676},"2025-11-27",{"date":693,"score":551,"percentile":694},"2025-11-28",0.77951,{"date":696,"score":551,"percentile":697},"2025-11-29",0.77958,{"date":699,"score":551,"percentile":700},"2025-11-30",0.77956,{"date":702,"score":551,"percentile":703},"2025-12-01",0.78061,{"date":705,"score":551,"percentile":706},"2025-12-02",0.7807,{"date":708,"score":551,"percentile":709},"2025-12-03",0.78066,{"date":711,"score":551,"percentile":700},"2025-12-04",{"date":713,"score":551,"percentile":714},"2025-12-05",0.77963,{"date":716,"score":551,"percentile":717},"2025-12-06",0.77965,{"date":719,"score":551,"percentile":676},"2025-12-07",{"date":721,"score":551,"percentile":722},"2025-12-08",0.77962,{"date":724,"score":551,"percentile":725},"2025-12-09",0.77983,{"date":727,"score":551,"percentile":728},"2025-12-10",0.78008,{"date":730,"score":551,"percentile":731},"2025-12-11",0.78023,{"date":733,"score":551,"percentile":734},"2025-12-12",0.78042,{"date":736,"score":551,"percentile":737},"2025-12-13",0.78043,{"date":739,"score":551,"percentile":740},"2025-12-14",0.7804,{"date":742,"score":551,"percentile":743},"2025-12-15",0.78036,{"date":745,"score":551,"percentile":746},"2025-12-16",0.78048,{"date":748,"score":551,"percentile":749},"2025-12-17",0.78057,{"date":751,"score":551,"percentile":752},"2025-12-18",0.78073,{"date":754,"score":551,"percentile":755},"2025-12-19",0.78084,{"date":757,"score":551,"percentile":758},"2025-12-20",0.78078,{"date":760,"score":551,"percentile":761},"2025-12-21",0.78072,{"date":763,"score":551,"percentile":764},"2025-12-22",0.78075,{"date":766,"score":551,"percentile":767},"2025-12-23",0.78077,{"date":769,"score":551,"percentile":770},"2025-12-24",0.78089,{"date":772,"score":551,"percentile":773},"2025-12-25",0.78108,{"date":775,"score":551,"percentile":776},"2025-12-26",0.78107,{"date":778,"score":551,"percentile":779},"2025-12-27",0.78154,{"date":781,"score":551,"percentile":782},"2025-12-28",0.78095,{"date":784,"score":551,"percentile":785},"2025-12-29",0.7809,{"date":787,"score":551,"percentile":788},"2025-12-30",0.78096,{"date":790,"score":551,"percentile":773},"2025-12-31",{"date":792,"score":551,"percentile":793},"2026-01-01",0.78225,{"date":795,"score":551,"percentile":796},"2026-01-02",0.78226,{"date":798,"score":551,"percentile":793},"2026-01-03",{"date":800,"score":551,"percentile":801},"2026-01-04",0.7811,{"date":803,"score":551,"percentile":804},"2026-01-05",0.78105,{"date":806,"score":551,"percentile":807},"2026-01-06",0.78114,{"date":809,"score":551,"percentile":810},"2026-01-07",0.78121,{"date":812,"score":551,"percentile":813},"2026-01-08",0.78129,{"date":815,"score":551,"percentile":816},"2026-01-09",0.78132,{"date":818,"score":551,"percentile":819},"2026-01-10",0.78133,{"date":821,"score":551,"percentile":822},"2026-01-11",0.78125,{"date":824,"score":551,"percentile":825},"2026-01-12",0.78113,{"date":827,"score":551,"percentile":801},"2026-01-13",{"date":829,"score":551,"percentile":830},"2026-01-14",0.78131,{"date":832,"score":551,"percentile":833},"2026-01-15",0.78135,{"date":835,"score":551,"percentile":836},"2026-01-16",0.78142,{"date":838,"score":551,"percentile":839},"2026-01-17",0.78149,{"date":841,"score":551,"percentile":842},"2026-01-18",0.78143,{"date":844,"score":551,"percentile":836},"2026-01-19",{"date":846,"score":551,"percentile":847},"2026-01-20",0.78136,{"date":849,"score":551,"percentile":850},"2026-01-21",0.78141,{"date":852,"score":551,"percentile":839},"2026-01-22",{"date":854,"score":551,"percentile":855},"2026-01-23",0.78175,{"date":857,"score":551,"percentile":858},"2026-01-24",0.78187,{"date":860,"score":551,"percentile":861},"2026-01-25",0.78181,{"date":863,"score":551,"percentile":855},"2026-01-26",{"date":865,"score":551,"percentile":866},"2026-01-27",0.78173,{"date":868,"score":551,"percentile":869},"2026-01-28",0.78177,{"date":871,"score":551,"percentile":872},"2026-01-29",0.78172,{"date":874,"score":551,"percentile":875},"2026-01-30",0.78176,{"date":877,"score":551,"percentile":878},"2026-01-31",0.78179,{"date":880,"score":551,"percentile":881},"2026-02-01",0.78288,[883,888,890],{"source":555,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":884,"cvss_v4_0":9},{"baseScore":553,"baseSeverity":885,"vectorString":556,"impactScore":886,"exploitabilityScore":887},"HIGH",6,10,{"source":561,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":889,"cvss_v4_0":9},{"baseScore":553,"baseSeverity":885,"vectorString":556,"impactScore":886,"exploitabilityScore":887},{"source":562,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":891,"cvss_v4_0":9},{"baseScore":553,"baseSeverity":9,"vectorString":556,"impactScore":886,"exploitabilityScore":887},[893,906,912,918,924,930,936,942,949],{"ecosystem":894,"name":895,"vendor":896,"product":897,"cpe_part":9,"purl_type":898,"purl_namespace":896,"purl_name":897,"source":9,"versions":899},"Go","go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful","go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful","otelrestful","golang",[900],{"version":901,"is_range":902,"range_type":903,"version_start":9,"version_start_type":9,"version_end":904,"version_end_type":905,"fixed_in":9},"lt0_44_0",true,"semver","0.44.0","excluding",{"ecosystem":894,"name":907,"vendor":908,"product":909,"cpe_part":9,"purl_type":898,"purl_namespace":908,"purl_name":909,"source":9,"versions":910},"go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin","go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin","otelgin",[911],{"version":901,"is_range":902,"range_type":903,"version_start":9,"version_start_type":9,"version_end":904,"version_end_type":905,"fixed_in":9},{"ecosystem":894,"name":913,"vendor":914,"product":915,"cpe_part":9,"purl_type":898,"purl_namespace":914,"purl_name":915,"source":9,"versions":916},"go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux","go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux","otelmux",[917],{"version":901,"is_range":902,"range_type":903,"version_start":9,"version_start_type":9,"version_end":904,"version_end_type":905,"fixed_in":9},{"ecosystem":894,"name":919,"vendor":920,"product":921,"cpe_part":9,"purl_type":898,"purl_namespace":920,"purl_name":921,"source":9,"versions":922},"go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho","go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo","otelecho",[923],{"version":901,"is_range":902,"range_type":903,"version_start":9,"version_start_type":9,"version_end":904,"version_end_type":905,"fixed_in":9},{"ecosystem":894,"name":925,"vendor":926,"product":927,"cpe_part":9,"purl_type":898,"purl_namespace":926,"purl_name":927,"source":9,"versions":928},"go.opentelemetry.io/contrib/instrumentation/gopkg.in/macaron.v1/otelmacaron","go.opentelemetry.io/contrib/instrumentation/gopkg.in/macaron.v1","otelmacaron",[929],{"version":901,"is_range":902,"range_type":903,"version_start":9,"version_start_type":9,"version_end":904,"version_end_type":905,"fixed_in":9},{"ecosystem":894,"name":931,"vendor":932,"product":933,"cpe_part":9,"purl_type":898,"purl_namespace":932,"purl_name":933,"source":9,"versions":934},"go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp","go.opentelemetry.io/contrib/instrumentation/net/http","otelhttp",[935],{"version":901,"is_range":902,"range_type":903,"version_start":9,"version_start_type":9,"version_end":904,"version_end_type":905,"fixed_in":9},{"ecosystem":894,"name":937,"vendor":938,"product":939,"cpe_part":9,"purl_type":898,"purl_namespace":938,"purl_name":939,"source":9,"versions":940},"go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace","go.opentelemetry.io/contrib/instrumentation/net/http/httptrace","otelhttptrace",[941],{"version":901,"is_range":902,"range_type":903,"version_start":9,"version_start_type":9,"version_end":904,"version_end_type":905,"fixed_in":9},{"ecosystem":9,"name":943,"vendor":944,"product":943,"cpe_part":945,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":946},"opentelemetry-go-contrib","open-telemetry","a",[947],{"version":948,"is_range":902,"range_type":555,"version_start":9,"version_start_type":9,"version_end":904,"version_end_type":905,"fixed_in":9},"\u003C 0.44.0",{"ecosystem":9,"name":950,"vendor":950,"product":950,"cpe_part":945,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":951},"opentelemetry",[952],{"version":953,"is_range":902,"range_type":954,"version_start":9,"version_start_type":9,"version_end":904,"version_end_type":905,"fixed_in":9},"lt0.44.0","cpe"]