14 matches found
Uncontrolled Recursion
Overview: @stablelib/cbor is a CBOR encoder and decoder. Affected versions of this package are vulnerable to Uncontrolled Recursion when decoding. An attacker can cause the application to crash or terminate unexpectedly by supplying a deeply nested, attacker-controlled CBOR payload that exhausts th...
EUVD-2026-14478
cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads...
python311-cbor2-5.8.0-2.1 on GA media (moderate)
python311-cbor2-5.8.0-2.1 on GA media. Announcement ID: openSUSE-SU-2026:10014-1. Rating: moderate. Cross-References: CVE-2025-68131. CVSS scores: CVE-2025-68131 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N; CVE-2025-68131 (SUSE): 6.8...
CVE-2025-68131
cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, when a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28) persist in memory an...
GHSA-HF3R-VMRV-7W29 Duplicate Advisory: Denial of service in CBOR library
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-6r92-cgxc-r5fg. This link is maintained to preserve external references. Original Description: PeterO.Cbor versions 4.0.0 through 4.5.0 are vulnerable to a denial of service vulnerability. An attacker may trigger...
CVE-2024-21909 Denial of service in CBOR library
PeterO.Cbor versions 4.0.0 through 4.5.0 are vulnerable to a denial of service vulnerability. An attacker may trigger the denial of service condition by providing crafted data to the DecodeFromBytes or other decoding mechanisms in PeterO.Cbor. Depending on the usage of the library, an...
Denial of service in CBOR library
Impact: Due to this library's use of an inefficient algorithm, it is vulnerable to a denial of service attack when a maliciously crafted input is passed to DecodeFromBytes or other CBOR decoding mechanisms in this library. Affected versions include versions 4.0.0 through 4.5.0. This vulnerability...
GHSA-6R92-CGXC-R5FG Denial of service in CBOR library
Impact: Due to this library's use of an inefficient algorithm, it is vulnerable to a denial of service attack when a maliciously crafted input is passed to DecodeFromBytes or other CBOR decoding mechanisms in this library. Affected versions include versions 4.0.0 through 4.5.0. This vulnerability...
GHSA-FJ2W-WFGV-MWQ6 Denial of service in CBOR library
Impact: Due to this library's use of an inefficient algorithm, it is vulnerable to a denial of service attack when a maliciously crafted input is passed to DecodeFromBytes or other CBOR decoding mechanisms in this library. Affected versions include versions 4.0.0 through 4.5.0. This vulnerability...
Denial of service in CBOR library
Impact: Due to this library's use of an inefficient algorithm, it is vulnerable to a denial of service attack when a maliciously crafted input is passed to DecodeFromBytes or other CBOR decoding mechanisms in this library. Affected versions include versions 4.0.0 through 4.5.0. This vulnerability...
PT-2022-28165 · Unknown · Com.Upokecenter.Cbor
Name of the Vulnerable Software and Affected Versions: com.upokecenter.cbor (Java implementation of Concise Binary Object Representation, CBOR) versions 4.0.0 through 4.5.1. Description: The issue is related to inefficient algorithmic complexity in the DecodeFromBytes function, which allows an attack...
GHSA-CXW4-9QV9-VX5H High severity vulnerability that affects PeterO.Cbor
Impact: The CBOR library supports optional tags that enable CBOR objects to contain references to objects within them. Versions earlier than 4.0 resolved those references automatically. While this by itself doesn't cause much of a security problem, a denial of service can happen if those reference...
High severity vulnerability that affects PeterO.Cbor
Impact: The CBOR library supports optional tags that enable CBOR objects to contain references to objects within them. Versions earlier than 4.0 resolved those references automatically. While this by itself doesn't cause much of a security problem, a denial of service can happen if those reference...
CVE-2019-9403
In cn-cbor, there is a possible out of bounds read due to improper casting. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-113512324...