Lucene search
K

9 matches found

OSV
OSV
added 2026/06/25 9:25 p.m.4 views

GHSA-W567-GJR2-HM5J MessagePack-CSharp: Unity unsafe blit formatter allocates from unbounded byte length

Summary UnsafeBlitFormatterBase.Deserialize reads an attacker-controlled byteLength from an extension payload and allocates an array based on that value before validating it against the extension header length or remaining payload bytes. The outer extension header is bounded by available input, b...

6.3CVSS5.9AI score0.00231EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 10:16 p.m.11 views

CVE-2026-48514

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, UnsafeBlitFormatterBase.Deserialize reads an attacker-controlled byteLength from an extension payload and allocates an array based on that value before validating it against the extension header length or remaining...

7.5CVSS0.00231EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 9:11 p.m.5 views

CVE-2026-48514

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, UnsafeBlitFormatterBase.Deserialize reads an attacker-controlled byteLength from an extension payload and allocates an array based on that value before validating it against the extension header length or remaining...

7.5CVSS5.9AI score0.00231EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.17 views

PT-2026-51398

Name of the Vulnerable Software and Affected Versions MessagePack for C versions prior to 2.5.301 MessagePack for C versions prior to 3.1.7 Description The UnsafeBlitFormatterBase.Deserialize function reads an attacker-controlled byteLength from an extension payload and allocates an array based o...

7.5CVSS5.9AI score0.00231EPSS
Exploits0References6
Veracode
Veracode
added 2026/01/07 6:16 a.m.9 views

Denial-of-Service (DoS)

MessagePack for Java is vulnerable to a Denial-Of-Service DoS . The vulnerability is due to unbounded memory allocation during deserialization, where the library trusts attacker-controlled EXT32 payload length metadata and allocates a byte array of that declared size when ExtensionValue.getData i...

7.5CVSS6.6AI score0.0055EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/01/05 2:59 p.m.11 views

MessagePack for Java Vulnerable to Remote DoS via Malicious EXT Payload Allocation

Summary Affected Components: org.msgpack.core.MessageUnpacker.readPayload org.msgpack.core.MessageUnpacker.unpackValue org.msgpack.value.ExtensionValue.getData A denial-of-service vulnerability exists in MessagePack for Java when deserializing .msgpack files containing EXT32 objects with...

7.5CVSS6.6AI score0.0055EPSS
Exploits1References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/03 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-21452

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MessagePack for Java is a serializer implementation for Java. A denial-of-service vulnerability exists in versions prior to 0.9.11 when deserializing .msgpack...

7.5CVSS6.9AI score0.0055EPSS
Exploits1References3
NVD
NVD
added 2026/01/02 9:16 p.m.13 views

CVE-2026-21452

MessagePack for Java is a serializer implementation for Java. A denial-of-service vulnerability exists in versions prior to 0.9.11 when deserializing .msgpack files containing EXT32 objects with attacker-controlled payload lengths. While MessagePack-Java parses extension headers lazily, it later...

7.5CVSS0.0055EPSS
Exploits1References3
OSV
OSV
added 2026/01/02 8:47 p.m.5 views

CVE-2026-21452 MessagePack-Java Vulnerable to Remote Denial of Service via Malicious .msgpack Model File Triggering Unbounded EXT Payload Allocation

MessagePack for Java is a serializer implementation for Java. A denial-of-service vulnerability exists in versions prior to 0.9.11 when deserializing .msgpack files containing EXT32 objects with attacker-controlled payload lengths. While MessagePack-Java parses extension headers lazily, it later...

7.5CVSS6.5AI score0.0055EPSS
Exploits1References5
Rows per page
Query Builder