Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/05/14 2:32 p.m.88 views

CVE-2026-44375 Nerdbank.MessagePack: Attacker-controlled stackalloc in DateTime decoding causes process-terminating StackOverflowException

Nerdbank.MessagePack is a NativeAOT-compatible MessagePack serialization library. Prior to 1.1.62, Nerdbank.MessagePack contains an uncontrolled stack allocation vulnerability in DateTime decoding. A malicious MessagePack payload can declare an oversized timestamp extension length, causing the...

7.5CVSS0.00358EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/06 11:5 p.m.10 views

Nerdbank.MessagePack: Attacker-controlled stackalloc in DateTime decoding causes process-terminating StackOverflowException

Summary Nerdbank.MessagePack contains an uncontrolled stack allocation vulnerability in DateTime decoding. A malicious MessagePack payload can declare an oversized timestamp extension length, causing the reader to allocate an attacker-controlled number of bytes on the stack. This can trigger a...

7.5CVSS5.9AI score0.00358EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/05/06 11:5 p.m.13 views

GHSA-2CWQ-PWFR-WCW3 Nerdbank.MessagePack: Attacker-controlled stackalloc in DateTime decoding causes process-terminating StackOverflowException

Summary Nerdbank.MessagePack contains an uncontrolled stack allocation vulnerability in DateTime decoding. A malicious MessagePack payload can declare an oversized timestamp extension length, causing the reader to allocate an attacker-controlled number of bytes on the stack. This can trigger a...

7.5CVSS5.9AI score0.00358EPSS
Exploits0References7
Snyk
Snyk
added 2026/04/24 4:39 p.m.8 views

Memory Allocation with Excessive Size Value

Overview ParquetSharp is a .NET library for reading and writing Parquet files. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the DecimalConverter.ReadDecimal function. An attacker can cause a large stackalloc by supplying a Parquet file with a...

8.7CVSS5.9AI score0.00273EPSS
Exploits0References2
Rows per page
Query Builder