3 matches found
Prototype Pollution
Overview: @stablelib/cbor is a CBOR encoder and decoder. Affected versions of this package are vulnerable to Prototype Pollution via the CBOR decoding process. An attacker can manipulate the prototype of decoded objects by supplying specially crafted map keys, such as __proto__, which can lead to...
cbor2 Security Vulnerability
cbor2 is a library for encoding and decoding the CBOR binary object representation serialization format, developed by individual developer Alex Grönholm. Versions of cbor2 prior to 5.9.0 contained security vulnerabilities. These vulnerabilities stemmed from uncontrolled recursion when decoding deeply...
Algorithmic Complexity
Overview: PeterO.Cbor is a C# implementation of Concise Binary Object Representation (CBOR). Affected versions of this package are vulnerable to Algorithmic Complexity due to use of an inefficient algorithm in the DecodeFromBytes or other decoding mechanisms. An attacker can cause a denial of service...