Zurück zur CVE-Übersicht
CVE-2024-23684
HIGH(7.5)CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Risk Signal Score19/100 — NIEDRIG
- CVSS 7.5 — Hoch
EPSS-Score
1%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
7.5
Technische Schwere
Beschreibung
Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation (CBOR) versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use of this library, this may be a remote attacker.
Referenzen
- https://github.com/advisories/GHSA-fj2w-wfgv-mwq6
- https://github.com/peteroupc/CBOR-Java/security/advisories/GHSA-fj2w-wfgv-mwq6
- https://vulncheck.com/advisories/vc-advisory-GHSA-fj2w-wfgv-mwq6
- https://github.com/advisories/GHSA-fj2w-wfgv-mwq6
- https://github.com/peteroupc/CBOR-Java/security/advisories/GHSA-fj2w-wfgv-mwq6
- https://vulncheck.com/advisories/vc-advisory-GHSA-fj2w-wfgv-mwq6