2 matches found
Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the deserialization process. An attacker can exhaust CPU resources and render the application or system unresponsive by submitting a large, specially crafted data payload. Details Serialization is a...
PT-2025-36337
Name of the Vulnerable Software and Affected Versions: fs2 versions 3.12.2 and lower fs2 versions 3.13.0-M1 through 3.13.0-M6 Description: fs2, a compositional, streaming I/O library for Scala, is susceptible to denial of service attacks through TLS sessions when using fs2-io on the JVM with the...