CVE-2025-68131
- EPSS 0.06%
- Published 31.12.2025 01:15:36
- Last modified 02.01.2026 16:40:40
cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, when a CBORDecoder instance is reused across multiple decode operations, values mark...
CVE-2025-64076
- EPSS 0.19%
- Published 18.11.2025 00:00:00
- Last modified 31.12.2025 02:02:14
Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decode_definite_long_string() function of the C extension decoder (source/decoder.c): (1) Integer Underflow Leading to Out-of-Bounds Read (CWE-191, CWE-125): An incorrect variable r...
CVE-2024-26134
- EPSS 1.05%
- Published 19.02.2024 23:15:07
- Last modified 02.01.2025 14:18:48
cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) (RFC 8949) serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by send...