[SECURITY] Fedora 43 Update: python-cbor2-5.6.5-8.fc43

This library provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 7049 serialization format...

Linux Distros Unpatched Vulnerability : CVE-2024-26134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 8949 serialization format. Starting in version 5.5.1 and prior to...

CVE-2024-23684

Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation CBOR versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use...

SUSE CVE-2024-26134

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 8949 serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Version 5.6.2 contains a...

CVE-2024-26134

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 8949 serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Version 5.6.2 contains a...

Design/Logic Flaw

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 8949 serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Version 5.6.2 contains a...

PT-2024-40687 · Fasterxml · Jackson Dataformat Cbor

Name of the Vulnerable Software and Affected Versions: Jackson dataformat CBOR affected versions not specified Description: The issue is related to a security exception in the Jackson dataformat CBOR library. The crash occurs in the java.base/java.util.Arrays.copyOf method, which is called by...

GHSA-HFJ8-63C8-RMFW Duplicate Advisory: Inefficient Algorithmic Complexity in com.upokecenter:cbor

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-36p8-mvp6-cv38. This link is maintained to preserve external references. Original Description Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise...

CVE-2024-23684 upokecenter CBOR Denial of Service

Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation CBOR versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use...

CVE-2024-23684 upokecenter CBOR Denial of Service

Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation CBOR versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use...

CVE-2024-23684

CVE-2024-23684 affects the Java CBOR library from com.upokecenter (CBOR) versions 4.0.0–4.5.1. The issue is an inefficient algorithmic path in DecodeFromBytes that can be exploited by a malicious input to cause a denial of service. The NVD entry notes a remote attacker scenario depending on appli...

CBOR Security Breach

CBOR is a C implementation of Concise Binary Object Representation by the individual developer Peter Occil. A security vulnerability exists in Concise Binary Object Representation CBOR versions 4.0.0 through 4.5.1. An attacker could exploit this vulnerability to cause a denial of service by passi...

DEBIAN-CVE-2023-4512

CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file...