18 matches found
[SECURITY] Fedora 44 Update: python-cbor2-5.6.5-8.fc44
This library provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 7049 serialization format...
[SECURITY] Fedora 42 Update: python-cbor2-5.6.5-8.fc42
This library provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 7049 serialization format...
[SECURITY] Fedora 43 Update: python-cbor2-5.6.5-8.fc43
This library provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 7049 serialization format...
UBUNTU-CVE-2026-26209
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
SUSE CVE-2025-68131
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Starting in version 3.0.0 and prior to version 5.8.0, whhen a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag 28 persist in memory an...
CVE-2025-68131
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Starting in version 3.0.0 and prior to version 5.8.0, whhen a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag 28 persist in memory an...
Linux Distros Unpatched Vulnerability : CVE-2024-26134
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 8949 serialization format. Starting in version 5.5.1 and prior to...
CVE-2024-23684
Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation CBOR versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use...
SUSE CVE-2024-26134
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 8949 serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Version 5.6.2 contains a...
Design/Logic Flaw
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 8949 serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Version 5.6.2 contains a...
CVE-2024-26134
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 8949 serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Version 5.6.2 contains a...
PT-2024-40687 · Fasterxml · Jackson Dataformat Cbor
Name of the Vulnerable Software and Affected Versions: Jackson dataformat CBOR affected versions not specified Description: The issue is related to a security exception in the Jackson dataformat CBOR library. The crash occurs in the java.base/java.util.Arrays.copyOf method, which is called by...
GHSA-HFJ8-63C8-RMFW Duplicate Advisory: Inefficient Algorithmic Complexity in com.upokecenter:cbor
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-36p8-mvp6-cv38. This link is maintained to preserve external references. Original Description Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise...
CVE-2024-23684 upokecenter CBOR Denial of Service
Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation CBOR versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use...
CVE-2024-23684 upokecenter CBOR Denial of Service
Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation CBOR versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use...
CVE-2024-23684
CVE-2024-23684 affects the Java CBOR library from com.upokecenter (CBOR) versions 4.0.0–4.5.1. The issue is an inefficient algorithmic path in DecodeFromBytes that can be exploited by a malicious input to cause a denial of service. The NVD entry notes a remote attacker scenario depending on appli...
CBOR Security Breach
CBOR is a C implementation of Concise Binary Object Representation by the individual developer Peter Occil. A security vulnerability exists in Concise Binary Object Representation CBOR versions 4.0.0 through 4.5.1. An attacker could exploit this vulnerability to cause a denial of service by passi...
DEBIAN-CVE-2023-4512
CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file...