Denial Of Service

go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc is vulnerable to Denial of Service. The vulnerability is caused by the grpc unary server interceptor having out of the box labels. The labels net.peer.sock.addr and net.peer.sock.port have unbound cardinality. This leads to potential memory exhaustion when many malicious requests are…Read More