{"data":{"id":"d445c1c8-2ba0-49e6-a375-f796d2af86ed","title":"GHSA-2jc5-xhx8-qj6h: fluent-plugin-opentelemetry Has Denial of Service (DoS) via Large Payloads and Decompression Bombs in `in_opentelemetry`","summary":"The `in_opentelemetry` HTTP input of the fluent-plugin-opentelemetry plugin enforces no limit on the size of incoming request bodies, either as received on the wire or after decompression. An attacker who can reach the endpoint can send a very large payload, or a small but highly compressed one (a decompression bomb), that consumes excessive memory when decompressed and crashes the Fluentd logging process. This is a denial of service (DoS), an attack that makes a service unavailable: if the OpenTelemetry ingestion endpoint is reachable from untrusted networks, it disrupts all log collection on the affected server.","solution":"Upgrade to v0.5.3. If an immediate upgrade is not possible, restrict network access to the OpenTelemetry ingestion port (default 4318) with firewall rules so that only trusted networks can reach it, and/or place a reverse proxy such as Nginx in front of Fluentd that decompresses the request itself and enforces strict size limits on both the compressed and the uncompressed body before forwarding traffic to Fluentd. Note that a proxy limit on the compressed (on-the-wire) size alone does not stop a decompression bomb, because the expansion happens after that check; the uncompressed size must be bounded as well.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-2jc5-xhx8-qj6h","publishedAt":"2026-06-26T17:22:37.000Z","cveId":"CVE-2026-44163","cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":["fluent-plugin-opentelemetry@<= 0.5.2 (fixed: 0.5.3)"],"affectedVendors":[],"affectedVendorsRaw":[],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-06-26T17:22:37.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["availability"],"aiComponentTargeted":"inference","llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}