4 matches found
SUSE CVE-2026-57585
MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a caught error, potentially leading to a DoS attack. If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. This...
DEBIAN-CVE-2026-57585
MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a caught error, potentially leading to a DoS attack. If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. This...
GHSA-6V7P-G79W-8964 MessagePack for Python: Out-of-bounds read / crash on Unpacker reuse after a caught error
Impact If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. If the Unpacker is used repeatedly to unpack untrusted input from external sources, it may be vulnerable to a DoS attack. Patches v1.2.1 Workarounds Users should create a new Unpacker instead of...
PT-2026-54004
Name of the Vulnerable Software and Affected Versions MessagePack versions prior to 1.2.1 Description An out-of-bounds read occurs when an Unpacker is reused after an error has been caught, which can lead to a denial of service DoS attack. If the Unpacker is used repeatedly following such an erro...