CVE-2026-29181

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2026-29181
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-29181.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-29181
Aliases
Downstream
Related
Published
2026-04-07T20:29:13.933Z
Modified
2026-05-18T05:59:45.631598111Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification)
Details

OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.36.0 to 1.40.0, multi-value baggage: header extraction parses each header field-value independently and aggregates members across values. This allows an attacker to amplify cpu and allocations by sending many baggage: header lines, even when each individual value is within the 8192-byte per-value parse limit. This vulnerability is fixed in 1.41.0.

Database specific 
{
    "cwe_ids": [
        "CWE-770"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/29xxx/CVE-2026-29181.json",
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git
github.com/open-telemetry/opentelemetry-go

Affected ranges

Type
GIT
Repo
https://github.com/open-telemetry/opentelemetry-go
Events
Introduced
a85ae98dcedc0761078518a715dea53e519b4846
Fixed
4575a9774dd9415ffc858dd34955493b0031065a
Database specific 
{
    "extracted_events": [
        {
            "introduced": "1.36.0"
        },
        {
            "fixed": "1.41.0"
        }
    ],
    "source": "CPE_FIELD",
    "cpe": "cpe:2.3:a:opentelemetry:opentelemetry:*:*:*:*:*:go:*:*"
}

Affected versions

bridge/opencensus/test/v1.*
bridge/opencensus/test/v1.36.0
bridge/opencensus/test/v1.37.0
bridge/opencensus/test/v1.38.0
bridge/opencensus/test/v1.39.0
bridge/opencensus/test/v1.40.0
bridge/opencensus/v1.*
bridge/opencensus/v1.36.0
bridge/opencensus/v1.37.0
bridge/opencensus/v1.38.0
bridge/opencensus/v1.39.0
bridge/opencensus/v1.40.0
bridge/opentracing/test/v1.*
bridge/opentracing/test/v1.36.0
bridge/opentracing/v1.*
bridge/opentracing/v1.36.0
bridge/opentracing/v1.37.0
bridge/opentracing/v1.38.0
bridge/opentracing/v1.39.0
bridge/opentracing/v1.40.0
exporters/otlp/otlplog/otlploggrpc/v0.*
exporters/otlp/otlplog/otlploggrpc/v0.12.0
exporters/otlp/otlplog/otlploggrpc/v0.12.1
exporters/otlp/otlplog/otlploggrpc/v0.12.2
exporters/otlp/otlplog/otlploggrpc/v0.13.0
exporters/otlp/otlplog/otlploggrpc/v0.14.0
exporters/otlp/otlplog/otlploggrpc/v0.15.0
exporters/otlp/otlplog/otlploggrpc/v0.16.0
exporters/otlp/otlplog/otlploghttp/v0.*
exporters/otlp/otlplog/otlploghttp/v0.12.0
exporters/otlp/otlplog/otlploghttp/v0.12.1
exporters/otlp/otlplog/otlploghttp/v0.12.2
exporters/otlp/otlplog/otlploghttp/v0.13.0
exporters/otlp/otlplog/otlploghttp/v0.14.0
exporters/otlp/otlplog/otlploghttp/v0.15.0
exporters/otlp/otlplog/otlploghttp/v0.16.0
exporters/otlp/otlpmetric/otlpmetricgrpc/v1.*
exporters/otlp/otlpmetric/otlpmetricgrpc/v1.36.0
exporters/otlp/otlpmetric/otlpmetricgrpc/v1.37.0
exporters/otlp/otlpmetric/otlpmetricgrpc/v1.38.0
exporters/otlp/otlpmetric/otlpmetricgrpc/v1.39.0
exporters/otlp/otlpmetric/otlpmetricgrpc/v1.40.0
exporters/otlp/otlpmetric/otlpmetrichttp/v1.*
exporters/otlp/otlpmetric/otlpmetrichttp/v1.36.0
exporters/otlp/otlpmetric/otlpmetrichttp/v1.37.0
exporters/otlp/otlpmetric/otlpmetrichttp/v1.38.0
exporters/otlp/otlpmetric/otlpmetrichttp/v1.39.0
exporters/otlp/otlpmetric/otlpmetrichttp/v1.40.0
exporters/otlp/otlptrace/otlptracegrpc/v1.*
exporters/otlp/otlptrace/otlptracegrpc/v1.36.0
exporters/otlp/otlptrace/otlptracegrpc/v1.37.0
exporters/otlp/otlptrace/otlptracegrpc/v1.38.0
exporters/otlp/otlptrace/otlptracegrpc/v1.39.0
exporters/otlp/otlptrace/otlptracegrpc/v1.40.0
exporters/otlp/otlptrace/otlptracehttp/v1.*
exporters/otlp/otlptrace/otlptracehttp/v1.36.0
exporters/otlp/otlptrace/otlptracehttp/v1.37.0
exporters/otlp/otlptrace/otlptracehttp/v1.38.0
exporters/otlp/otlptrace/otlptracehttp/v1.39.0
exporters/otlp/otlptrace/otlptracehttp/v1.40.0
exporters/otlp/otlptrace/v1.*
exporters/otlp/otlptrace/v1.36.0
exporters/otlp/otlptrace/v1.37.0
exporters/otlp/otlptrace/v1.38.0
exporters/otlp/otlptrace/v1.39.0
exporters/otlp/otlptrace/v1.40.0
exporters/prometheus/v0.*
exporters/prometheus/v0.58.0
exporters/prometheus/v0.59.0
exporters/prometheus/v0.59.1
exporters/prometheus/v0.60.0
exporters/prometheus/v0.61.0
exporters/prometheus/v0.62.0
exporters/stdout/stdoutlog/v0.*
exporters/stdout/stdoutlog/v0.12.0
exporters/stdout/stdoutlog/v0.12.1
exporters/stdout/stdoutlog/v0.12.2
exporters/stdout/stdoutlog/v0.13.0
exporters/stdout/stdoutlog/v0.14.0
exporters/stdout/stdoutlog/v0.15.0
exporters/stdout/stdoutlog/v0.16.0
exporters/stdout/stdoutmetric/v1.*
exporters/stdout/stdoutmetric/v1.36.0
exporters/stdout/stdoutmetric/v1.37.0
exporters/stdout/stdoutmetric/v1.38.0
exporters/stdout/stdoutmetric/v1.39.0
exporters/stdout/stdoutmetric/v1.40.0
exporters/stdout/stdouttrace/v1.*
exporters/stdout/stdouttrace/v1.36.0
exporters/stdout/stdouttrace/v1.37.0
exporters/stdout/stdouttrace/v1.38.0
exporters/stdout/stdouttrace/v1.39.0
exporters/stdout/stdouttrace/v1.40.0
exporters/zipkin/v1.*
exporters/zipkin/v1.36.0
exporters/zipkin/v1.37.0
exporters/zipkin/v1.38.0
exporters/zipkin/v1.39.0
exporters/zipkin/v1.40.0
log/logtest/v0.*
log/logtest/v0.13.0
log/logtest/v0.14.0
log/logtest/v0.15.0
log/logtest/v0.16.0
log/v0.*
log/v0.12.0
log/v0.12.1
log/v0.12.2
log/v0.13.0
log/v0.14.0
log/v0.15.0
log/v0.16.0
metric/v1.*
metric/v1.36.0
metric/v1.37.0
metric/v1.38.0
metric/v1.39.0
metric/v1.40.0
schema/v0.*
schema/v0.0.13
schema/v0.0.14
sdk/log/logtest/v0.*
sdk/log/logtest/v0.13.0
sdk/log/logtest/v0.14.0
sdk/log/logtest/v0.15.0
sdk/log/logtest/v0.16.0
sdk/log/v0.*
sdk/log/v0.12.0
sdk/log/v0.12.1
sdk/log/v0.12.2
sdk/log/v0.13.0
sdk/log/v0.14.0
sdk/log/v0.15.0
sdk/log/v0.16.0
sdk/metric/v1.*
sdk/metric/v1.36.0
sdk/metric/v1.37.0
sdk/metric/v1.38.0
sdk/metric/v1.39.0
sdk/metric/v1.40.0
sdk/v1.*
sdk/v1.36.0
sdk/v1.37.0
sdk/v1.38.0
sdk/v1.39.0
sdk/v1.40.0
trace/v1.*
trace/v1.36.0
trace/v1.37.0
trace/v1.38.0
trace/v1.39.0
trace/v1.40.0
v1.*
v1.36.0
v1.37.0
v1.38.0
v1.39.0
v1.40.0

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-29181.json"
github.com/open-telemetry/opentelemetry-go-contrib

Affected ranges

Type
GIT
Repo
https://github.com/open-telemetry/opentelemetry-go-contrib
Events
Introduced
934fb13b40419cc512bb56556f77d29a2f29d202
Fixed
07fa42463ccd05b067b0939aa4f1c57673ac6d6d
Database specific 
{
    "extracted_events": [
        {
            "introduced": "1.36.0"
        },
        {
            "fixed": "1.41.0"
        }
    ],
    "source": "CPE_FIELD",
    "cpe": "cpe:2.3:a:opentelemetry:opentelemetry:*:*:*:*:*:go:*:*"
}

Affected versions

bridges/otellogr/v0.*
bridges/otellogr/v0.11.0
bridges/otellogr/v0.12.0
bridges/otellogr/v0.13.0
bridges/otellogr/v0.14.0
bridges/otellogr/v0.15.0
bridges/otellogrus/v0.*
bridges/otellogrus/v0.11.0
bridges/otellogrus/v0.12.0
bridges/otellogrus/v0.13.0
bridges/otellogrus/v0.14.0
bridges/otellogrus/v0.15.0
bridges/otelslog/v0.*
bridges/otelslog/v0.11.0
bridges/otelslog/v0.12.0
bridges/otelslog/v0.13.0
bridges/otelslog/v0.14.0
bridges/otelslog/v0.15.0
bridges/otelzap/v0.*
bridges/otelzap/v0.11.0
bridges/otelzap/v0.12.0
bridges/otelzap/v0.13.0
bridges/otelzap/v0.14.0
bridges/otelzap/v0.15.0
bridges/prometheus/v0.*
bridges/prometheus/v0.61.0
bridges/prometheus/v0.62.0
bridges/prometheus/v0.63.0
bridges/prometheus/v0.64.0
bridges/prometheus/v0.65.0
detectors/autodetect/v0.*
detectors/autodetect/v0.10.0
detectors/autodetect/v0.11.0
detectors/autodetect/v0.12.0
detectors/aws/ec2/v1.*
detectors/aws/ec2/v1.36.0
detectors/aws/ec2/v1.37.0
detectors/aws/ec2/v1.38.0
detectors/aws/ec2/v2.*
detectors/aws/ec2/v2.0.0
detectors/aws/ec2/v2.1.0
detectors/aws/ec2/v2.2.0
detectors/aws/ec2/v2/v2.*
detectors/aws/ec2/v2/v2.0.0
detectors/aws/ecs/v1.*
detectors/aws/ecs/v1.36.0
detectors/aws/ecs/v1.37.0
detectors/aws/ecs/v1.38.0
detectors/aws/ecs/v1.39.0
detectors/aws/ecs/v1.40.0
detectors/aws/eks/v1.*
detectors/aws/eks/v1.36.0
detectors/aws/eks/v1.37.0
detectors/aws/eks/v1.38.0
detectors/aws/eks/v1.39.0
detectors/aws/eks/v1.40.0
detectors/aws/lambda/v0.*
detectors/aws/lambda/v0.61.0
detectors/aws/lambda/v0.62.0
detectors/aws/lambda/v0.63.0
detectors/aws/lambda/v0.64.0
detectors/aws/lambda/v0.65.0
detectors/azure/azurevm/v0.*
detectors/azure/azurevm/v0.10.0
detectors/azure/azurevm/v0.11.0
detectors/azure/azurevm/v0.12.0
detectors/azure/azurevm/v0.8.0
detectors/azure/azurevm/v0.9.0
detectors/gcp/v1.*
detectors/gcp/v1.36.0
detectors/gcp/v1.37.0
detectors/gcp/v1.38.0
detectors/gcp/v1.39.0
detectors/gcp/v1.40.0
exporters/autoexport/v0.*
exporters/autoexport/v0.61.0
exporters/autoexport/v0.62.0
exporters/autoexport/v0.63.0
exporters/autoexport/v0.64.0
exporters/autoexport/v0.65.0
instrumentation/github.*
instrumentation/github.com/aws/aws-lambda-go/otellambda/example/v0.61.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/example/v0.62.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/example/v0.63.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/example/v0.64.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/example/v0.65.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/test/v0.61.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/v0.61.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/v0.62.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/v0.63.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/v0.64.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/v0.65.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/xrayconfig/v0.61.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/xrayconfig/v0.62.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/xrayconfig/v0.63.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/xrayconfig/v0.64.0
instrumentation/github.com/aws/aws-lambda-go/otellambda/xrayconfig/v0.65.0
instrumentation/github.com/aws/aws-sdk-go-v2/otelaws/example/v0.61.0
instrumentation/github.com/aws/aws-sdk-go-v2/otelaws/example/v0.62.0
instrumentation/github.com/aws/aws-sdk-go-v2/otelaws/example/v0.63.0
instrumentation/github.com/aws/aws-sdk-go-v2/otelaws/example/v0.64.0
instrumentation/github.com/aws/aws-sdk-go-v2/otelaws/example/v0.65.0
instrumentation/github.com/aws/aws-sdk-go-v2/otelaws/test/v0.61.0
instrumentation/github.com/aws/aws-sdk-go-v2/otelaws/v0.61.0
instrumentation/github.com/aws/aws-sdk-go-v2/otelaws/v0.62.0
instrumentation/github.com/aws/aws-sdk-go-v2/otelaws/v0.63.0
instrumentation/github.com/aws/aws-sdk-go-v2/otelaws/v0.64.0
instrumentation/github.com/aws/aws-sdk-go-v2/otelaws/v0.65.0
instrumentation/github.com/emicklei/go-restful/otelrestful/internal/semconv/test/v0.61.0
instrumentation/github.com/emicklei/go-restful/otelrestful/test/v0.61.0
instrumentation/github.com/emicklei/go-restful/otelrestful/v0.61.0
instrumentation/github.com/emicklei/go-restful/otelrestful/v0.62.0
instrumentation/github.com/emicklei/go-restful/otelrestful/v0.63.0
instrumentation/github.com/emicklei/go-restful/otelrestful/v0.64.0
instrumentation/github.com/emicklei/go-restful/otelrestful/v0.65.0
instrumentation/github.com/gin-gonic/gin/otelgin/internal/semconv/test/v0.61.0
instrumentation/github.com/gin-gonic/gin/otelgin/test/v0.61.0
instrumentation/github.com/gin-gonic/gin/otelgin/v0.61.0
instrumentation/github.com/gin-gonic/gin/otelgin/v0.62.0
instrumentation/github.com/gin-gonic/gin/otelgin/v0.63.0
instrumentation/github.com/gin-gonic/gin/otelgin/v0.64.0
instrumentation/github.com/gin-gonic/gin/otelgin/v0.65.0
instrumentation/github.com/gorilla/mux/otelmux/internal/semconv/test/v0.61.0
instrumentation/github.com/gorilla/mux/otelmux/test/v0.61.0
instrumentation/github.com/gorilla/mux/otelmux/v0.61.0
instrumentation/github.com/gorilla/mux/otelmux/v0.62.0
instrumentation/github.com/gorilla/mux/otelmux/v0.63.0
instrumentation/github.com/gorilla/mux/otelmux/v0.64.0
instrumentation/github.com/gorilla/mux/otelmux/v0.65.0
instrumentation/github.com/labstack/echo/otelecho/example/v0.61.0
instrumentation/github.com/labstack/echo/otelecho/example/v0.62.0
instrumentation/github.com/labstack/echo/otelecho/example/v0.63.0
instrumentation/github.com/labstack/echo/otelecho/example/v0.64.0
instrumentation/github.com/labstack/echo/otelecho/example/v0.65.0
instrumentation/github.com/labstack/echo/otelecho/test/v0.61.0
instrumentation/github.com/labstack/echo/otelecho/v0.61.0
instrumentation/github.com/labstack/echo/otelecho/v0.62.0
instrumentation/github.com/labstack/echo/otelecho/v0.63.0
instrumentation/github.com/labstack/echo/otelecho/v0.64.0
instrumentation/github.com/labstack/echo/otelecho/v0.65.0
instrumentation/go.*
instrumentation/go.mongodb.org/mongo-driver/mongo/otelmongo/test/v0.61.0
instrumentation/go.mongodb.org/mongo-driver/mongo/otelmongo/test/v0.62.0
instrumentation/go.mongodb.org/mongo-driver/mongo/otelmongo/test/v0.63.0
instrumentation/go.mongodb.org/mongo-driver/mongo/otelmongo/test/v0.64.0
instrumentation/go.mongodb.org/mongo-driver/mongo/otelmongo/test/v0.65.0
instrumentation/go.mongodb.org/mongo-driver/mongo/otelmongo/v0.61.0
instrumentation/go.mongodb.org/mongo-driver/mongo/otelmongo/v0.62.0
instrumentation/go.mongodb.org/mongo-driver/mongo/otelmongo/v0.63.0
instrumentation/go.mongodb.org/mongo-driver/mongo/otelmongo/v0.64.0
instrumentation/go.mongodb.org/mongo-driver/mongo/otelmongo/v0.65.0
instrumentation/google.*
instrumentation/google.golang.org/grpc/otelgrpc/example/v0.61.0
instrumentation/google.golang.org/grpc/otelgrpc/example/v0.62.0
instrumentation/google.golang.org/grpc/otelgrpc/example/v0.63.0
instrumentation/google.golang.org/grpc/otelgrpc/example/v0.64.0
instrumentation/google.golang.org/grpc/otelgrpc/example/v0.65.0
instrumentation/google.golang.org/grpc/otelgrpc/test/v0.61.0
instrumentation/google.golang.org/grpc/otelgrpc/v0.61.0
instrumentation/google.golang.org/grpc/otelgrpc/v0.62.0
instrumentation/google.golang.org/grpc/otelgrpc/v0.63.0
instrumentation/google.golang.org/grpc/otelgrpc/v0.64.0
instrumentation/google.golang.org/grpc/otelgrpc/v0.65.0
instrumentation/host/example/v0.*
instrumentation/host/example/v0.61.0
instrumentation/host/example/v0.62.0
instrumentation/host/example/v0.63.0
instrumentation/host/example/v0.64.0
instrumentation/host/example/v0.65.0
instrumentation/host/v0.*
instrumentation/host/v0.61.0
instrumentation/host/v0.62.0
instrumentation/host/v0.63.0
instrumentation/host/v0.64.0
instrumentation/host/v0.65.0
instrumentation/net/http/httptrace/otelhttptrace/example/v0.*
instrumentation/net/http/httptrace/otelhttptrace/example/v0.61.0
instrumentation/net/http/httptrace/otelhttptrace/example/v0.62.0
instrumentation/net/http/httptrace/otelhttptrace/example/v0.63.0
instrumentation/net/http/httptrace/otelhttptrace/example/v0.64.0
instrumentation/net/http/httptrace/otelhttptrace/example/v0.65.0
instrumentation/net/http/httptrace/otelhttptrace/internal/semconv/test/v0.*
instrumentation/net/http/httptrace/otelhttptrace/internal/semconv/test/v0.61.0
instrumentation/net/http/httptrace/otelhttptrace/test/v0.*
instrumentation/net/http/httptrace/otelhttptrace/test/v0.61.0
instrumentation/net/http/httptrace/otelhttptrace/v0.*
instrumentation/net/http/httptrace/otelhttptrace/v0.61.0
instrumentation/net/http/httptrace/otelhttptrace/v0.62.0
instrumentation/net/http/httptrace/otelhttptrace/v0.63.0
instrumentation/net/http/httptrace/otelhttptrace/v0.64.0
instrumentation/net/http/httptrace/otelhttptrace/v0.65.0
instrumentation/net/http/otelhttp/example/v0.*
instrumentation/net/http/otelhttp/example/v0.61.0
instrumentation/net/http/otelhttp/example/v0.62.0
instrumentation/net/http/otelhttp/example/v0.63.0
instrumentation/net/http/otelhttp/example/v0.64.0
instrumentation/net/http/otelhttp/example/v0.65.0
instrumentation/net/http/otelhttp/internal/semconv/test/v0.*
instrumentation/net/http/otelhttp/internal/semconv/test/v0.61.0
instrumentation/net/http/otelhttp/v0.*
instrumentation/net/http/otelhttp/v0.61.0
instrumentation/net/http/otelhttp/v0.62.0
instrumentation/net/http/otelhttp/v0.63.0
instrumentation/net/http/otelhttp/v0.64.0
instrumentation/net/http/otelhttp/v0.65.0
instrumentation/runtime/v0.*
instrumentation/runtime/v0.61.0
instrumentation/runtime/v0.62.0
instrumentation/runtime/v0.63.0
instrumentation/runtime/v0.64.0
instrumentation/runtime/v0.65.0
otelconf/v0.*
otelconf/v0.16.0
otelconf/v0.17.0
otelconf/v0.18.0
otelconf/v0.19.0
otelconf/v0.20.0
processors/baggagecopy/v0.*
processors/baggagecopy/v0.10.0
processors/baggagecopy/v0.11.0
processors/baggagecopy/v0.12.0
processors/baggagecopy/v0.13.0
processors/baggagecopy/v0.9.0
processors/minsev/v0.*
processors/minsev/v0.10.0
processors/minsev/v0.11.0
processors/minsev/v0.12.0
processors/minsev/v0.13.0
processors/minsev/v0.9.0
propagators/autoprop/v0.*
propagators/autoprop/v0.61.0
propagators/autoprop/v0.62.0
propagators/autoprop/v0.63.0
propagators/autoprop/v0.64.0
propagators/autoprop/v0.65.0
propagators/aws/v1.*
propagators/aws/v1.36.0
propagators/aws/v1.37.0
propagators/aws/v1.38.0
propagators/aws/v1.39.0
propagators/aws/v1.40.0
propagators/b3/v1.*
propagators/b3/v1.36.0
propagators/b3/v1.37.0
propagators/b3/v1.38.0
propagators/b3/v1.39.0
propagators/b3/v1.40.0
propagators/jaeger/v1.*
propagators/jaeger/v1.36.0
propagators/jaeger/v1.37.0
propagators/jaeger/v1.38.0
propagators/jaeger/v1.39.0
propagators/jaeger/v1.40.0
propagators/opencensus/examples/v0.*
propagators/opencensus/examples/v0.61.0
propagators/opencensus/examples/v0.62.0
propagators/opencensus/examples/v0.63.0
propagators/opencensus/examples/v0.64.0
propagators/opencensus/examples/v0.65.0
propagators/opencensus/v0.*
propagators/opencensus/v0.61.0
propagators/opencensus/v0.62.0
propagators/opencensus/v0.63.0
propagators/opencensus/v0.64.0
propagators/opencensus/v0.65.0
propagators/ot/v1.*
propagators/ot/v1.36.0
propagators/ot/v1.37.0
propagators/ot/v1.38.0
propagators/ot/v1.39.0
propagators/ot/v1.40.0
samplers/jaegerremote/example/v0.*
samplers/jaegerremote/example/v0.30.0
samplers/jaegerremote/example/v0.31.0
samplers/jaegerremote/example/v0.32.0
samplers/jaegerremote/example/v0.33.0
samplers/jaegerremote/example/v0.34.0
samplers/jaegerremote/v0.*
samplers/jaegerremote/v0.30.0
samplers/jaegerremote/v0.31.0
samplers/jaegerremote/v0.32.0
samplers/jaegerremote/v0.33.0
samplers/jaegerremote/v0.34.0
samplers/probability/consistent/v0.*
samplers/probability/consistent/v0.30.0
samplers/probability/consistent/v0.31.0
samplers/probability/consistent/v0.32.0
samplers/probability/consistent/v0.33.0
samplers/probability/consistent/v0.34.0
tools/v1.*
tools/v1.36.0
tools/v1.37.0
tools/v1.38.0
tools/v1.39.0
tools/v1.40.0
v1.*
v1.36.0
v1.37.0
v1.38.0
v1.39.0
v1.40.0
zpages/v0.*
zpages/v0.61.0
zpages/v0.62.0
zpages/v0.63.0
zpages/v0.64.0
zpages/v0.65.0

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-29181.json"