3 matches found
Out-of-bounds Read
Overview: Affected versions of this package are vulnerable to Out-of-bounds Read in the get_byte_inc function during CBOR parsing in OSCORE negotiation. An attacker can access sensitive memory contents or cause a heap buffer overflow by sending specially crafted CoAP requests with malformed OSCORE...
PT-2026-33518
Name of the Vulnerable Software and Affected Versions: libcoap (affected versions not specified)
Description: An issue exists in the OSCORE Appendix B.2 CBOR unwrap handling where the function get_byte_inc in src/oscore/oscore_cbor.c relies exclusively on assert for bounds checking. Since assert is...
UBUNTU-CVE-2019-25001
An issue was discovered in the serde_cbor crate before 0.10.2 for Rust. The CBOR deserializer can cause stack consumption via nested semantic tags...