Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC
An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption.
Advisories for Golang/Go.opentelemetry.io/Collector/Config/Configgrpc package
2024