2 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46384
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, several Avro decoder paths read attacker- controlled 64-bit values from the wire format and either...
CVE-2026-46385
Summary (CVE-2026-46385) iskorotkov/avro’s Go Avro decoder can trigger remote, unauthenticated CPU exhaustion by looping up to math.MaxInt64 iterations when decoding large attacker-controlled block counts, because inner loops did not check the reader’s error state after each decode. Affected: git...