cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads

Summary - The cbor2 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. - This vulnerability affects both the pure Python implementation and the C extension cbor2. The C extension correctly uses Python's C-API for...

GHSA-3C37-WWVX-H642 cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads

Summary - The cbor2 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. - This vulnerability affects both the pure Python implementation and the C extension cbor2. The C extension correctly uses Python's C-API for...

UBUNTU-CVE-2026-26209

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...

CVE-2026-26209

The CVE-2026-26209 issue affects the Python library cbor2 (including the C extension _cbor2) prior to version 5.9.0. The root cause is uncontrolled recursion when decoding deeply nested CBOR structures, as the C extension relies on Python’s Py_EnterRecursiveCall rather than a data-driven depth li...

CVE-2026-26209

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...

CVE-2026-26209

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...

cbor2 安全漏洞

cbor2 is a binary object representation serialization format encoding and decoding library developed by Alex Grönholm as an individual developer. Versions of cbor2 prior to 5.9.0 contained security vulnerabilities. These vulnerabilities stemmed from uncontrolled recursion when decoding deeply...