—
GO-2026-5281
opentelemetry-go's Schema ParseFile leaks file descriptors on each parse in go.opentelemetry.io/otel/schema
Details
opentelemetry-go's Schema ParseFile leaks file descriptors on each parse in go.opentelemetry.io/otel/schema
Are you affected?
Enter the version of the package you're using.
Affected packages
Go / go.opentelemetry.io/otel/schema
Introduced in:
0 Fixed in: 0.0.17 Fix
go get go.opentelemetry.io/otel/schema@v0.0.17 References
- https://github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-995v-fvrw-c78m [ADVISORY]
- https://nvd.nist.gov/vuln/detail/CVE-2026-45287 [ADVISORY]
- https://github.com/open-telemetry/opentelemetry-go/commit/e72a235518cb773137efd80336a179028bc34684 [WEB]
- https://github.com/open-telemetry/opentelemetry-go/commit/f12d198f161b61735d65705248715aa97021ba8d [WEB]