Czechboy0

**Name of the Vulnerable Software and Affected Versions** Swift W3C TraceContext versions prior to 1.0.0-beta.5 Swift OTel versions prior to 1.0.4 **Description** A flaw exists in Swift W3C TraceContext and Swift OTel due to insufficient input validation. This can lead to a denial-of-service condition, potentially crashing the service when processing malformed HTTP headers. The issue arises from data received over the network, such as when used with an HTTP server. A workaround involves disabling either Swift OTel or the code responsible for extracting trace information from incoming headers. **Recommendations** Update Swift W3C TraceContext to version 1.0.0-beta.5 or later. Update Swift OTel to version 1.0.4 or later. As a temporary workaround, disable Swift OTel. As a temporary workaround, disable the code that extracts trace information from incoming headers.