4 matches found
Fedora 44 : python-cbor2 (2026-71677aed1e)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-71677aed1e advisory. Backport upstream patch for CVE-2025-64076 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
openSUSE 16 Security Update : python-cbor2 (openSUSE-SU-2025-20133-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20133-1 advisory. - CVE-2025-64076: Fixed bug in decodedefinitelongstring that causes incorrect chunk length calculation bsc1253746. Already fixed in release 5.6....
Security update for python-cbor2 (important)
openSUSE security update: security update for python-cbor2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20133-1 Rating: important References: bsc1220096 bsc1253746 Cross-References: CVE-2024-26134 CVE-2025-64076 CVSS scores: CVE-2025-64076 SUSE :...
CVE-2025-64076
Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decodedefinitelongstring function of the C extension decoder source/decoder.c: 1 Integer Underflow Leading to Out-of-Bounds Read CWE-191, CWE-125: An incorrect variable reference and missing state reset in the chunk processing...