
4 matches found

UbuntuCve
added 2025/12/31 2:15 a.m. | 2 views

CVE-2025-68131

cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, when a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag 28 persist in memory an...

CVSS 7.5 | AI score 5.8 | EPSS 0.00423
Exploits: 1 | References: 3
CVE
added 2025/12/31 1:15 a.m. | 40 views

CVE-2025-68131

CVE-2025-68131 affects the cbor2 library’s CBORDecoder when a decoder is reused across trust boundaries. Versions from 3.0.0 up to, but not including, 5.8.0 may retain shareable-tag (28) values in memory, allowing an attacker-controlled message to read data from earlier decoded messages via the sharedref tag (29)....

CVSS 7.5 | AI score 6.4 | EPSS 0.00423
Exploits: 1 | References: 2 | Affected Software: 1
Tenable Nessus
added 2025/12/31 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2025-68131

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8....

CVSS 7.5 | AI score 7.4 | EPSS 0.00423
Exploits: 1 | References: 3
OSV
added 2024/03/31 12:6 a.m. | 3 views

OSV-2024-222 Security exception in co.nstant.in.cbor.CborDecoder.decodeNext

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67637
Crash type: Security exception
Crash state: co.nstant.in.cbor.CborDecoder.decodeNext, java.base/jdk.internal.misc.Unsafe.putByte, jdk.unsupported/sun.misc.Unsafe.putByte...

AI score 7.1
Exploits: 0 | References: 1