Vulnerabilities > CVE-2024-23684 - Algorithmic Complexity vulnerability in Peteroupc Cbor
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation (CBOR) versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use of this library, this may be a remote attacker.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 16 |
Common Weakness Enumeration (CWE)
References
- https://github.com/advisories/GHSA-fj2w-wfgv-mwq6
- https://github.com/advisories/GHSA-fj2w-wfgv-mwq6
- https://github.com/peteroupc/CBOR-Java/security/advisories/GHSA-fj2w-wfgv-mwq6
- https://github.com/peteroupc/CBOR-Java/security/advisories/GHSA-fj2w-wfgv-mwq6
- https://vulncheck.com/advisories/vc-advisory-GHSA-fj2w-wfgv-mwq6
- https://vulncheck.com/advisories/vc-advisory-GHSA-fj2w-wfgv-mwq6