CVE-2024-23684

CVE-2024-23684 affects the Java CBOR library from com.upokecenter (CBOR) versions 4.0.0–4.5.1. The issue is an inefficient algorithmic path in DecodeFromBytes that can be exploited by a malicious input to cause a denial of service. The NVD entry notes a remote attacker scenario depending on appli...

Duplicate Advisory: Denial of service in CBOR library

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6r92-cgxc-r5fg. This link is maintained to preserve external references. Original Description PeterO.Cbor versions 4.0.0 through 4.5.0 are vulnerable to a denial of service vulnerability. An attacker may trigger...

CVE-2024-21909

PeterO.Cbor versions 4.0.0 through 4.5.0 are vulnerable to a denial of service vulnerability. An attacker may trigger the denial of service condition by providing crafted data to the DecodeFromBytes or other decoding mechanisms in PeterO.Cbor. Depending on the usage of the library, an...

CVE-2024-21909

PeterO.Cbor versions 4.0.0 through 4.5.0 are vulnerable to a denial of service vulnerability. An attacker may trigger the denial of service condition by providing crafted data to the DecodeFromBytes or other decoding mechanisms in PeterO.Cbor. Depending on the usage of the library, an...

CVE-2024-21909 Denial of service in CBOR library

PeterO.Cbor versions 4.0.0 through 4.5.0 are vulnerable to a denial of service vulnerability. An attacker may trigger the denial of service condition by providing crafted data to the DecodeFromBytes or other decoding mechanisms in PeterO.Cbor. Depending on the usage of the library, an...

Denial of service in CBOR library

Impact Due to this library's use of an inefficient algorithm, it is vulnerable to a denial of service attack when a maliciously crafted input is passed to DecodeFromBytes or other CBOR decoding mechanisms in this library. Affected versions include versions 4.0.0 through 4.5.0. This vulnerability...

GHSA-FJ2W-WFGV-MWQ6 Denial of service in CBOR library

Impact Due to this library's use of an inefficient algorithm, it is vulnerable to a denial of service attack when a maliciously crafted input is passed to DecodeFromBytes or other CBOR decoding mechanisms in this library. Affected versions include versions 4.0.0 through 4.5.0. This vulnerability...

PT-2022-28165 · Unknown · Com.Upokecenter.Cbor

Name of the Vulnerable Software and Affected Versions: com.upokecenter.cbor Java implementation of Concise Binary Object Representation CBOR versions 4.0.0 through 4.5.1 Description: The issue is related to inefficient algorithmic complexity in the DecodeFromBytes function, which allows an attack...