6 matches found
Security update for python-cbor2 (important)
openSUSE security update: security update for python-cbor2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20133-1 Rating: important References: bsc1220096 bsc1253746 Cross-References: CVE-2024-26134 CVE-2025-64076 CVSS scores: CVE-2025-64076 SUSE :...
OPENSUSE-SU-2025:20133-1 Security update for python-cbor2
This update for python-cbor2 fixes the following issues: - CVE-2025-64076: Fixed bug in decodedefinitelongstring that causes incorrect chunk length calculation bsc1253746. Already fixed in release 5.6.3: - CVE-2024-26134: Fixed potential crash when hashing a CBORTag bsc1220096...
CVE-2025-64076
A flaw was found in cbor2. This vulnerability allows denial of service through process crashes or memory exhaustion via sending specially-crafted CBOR data containing definite-length text strings with multi-byte UTF-8 characters...
AZL-70516 CVE-2025-64076 affecting package python-cbor2 5.6.5-2
Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decodedefinitelongstring function of the C extension decoder source/decoder.c: 1 Integer Underflow Leading to Out-of-Bounds Read CWE-191, CWE-125: An incorrect variable reference and missing state reset in the chunk processing...
CVE-2025-64076
Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decodedefinitelongstring function of the C extension decoder source/decoder.c: 1 Integer Underflow Leading to Out-of-Bounds Read CWE-191, CWE-125: An incorrect variable reference and missing state reset in the chunk processing...
EUVD-2025-198054
Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decodedefinitelongstring function of the C extension decoder source/decoder.c: 1 Integer Underflow Leading to Out-of-Bounds Read CWE-191, CWE-125: An incorrect variable reference and missing state reset in the chunk processing...