Known Vulnerabilities for Avro by Apache
Listed below are 6 of the newest known vulnerabilities associated with "Avro" by "Apache".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-39410 json | When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints ... | 7.5 - HIGH | 2023-09-29 | 2023-10-06 |
| CVE-2022-36125 json | It is possible to crash (panic) an application by providing a corrupted data to be read. This issue affects Rust applications... | 7.5 - HIGH | 2022-08-09 | 2022-08-12 |
| CVE-2022-36124 json | It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. Th... | 7.5 - HIGH | 2022-08-09 | 2022-08-16 |
| CVE-2022-35724 json | It is possible to provide data to be read that leads the reader to loop in cycles endlessly, consuming CPU. This issue affect... | 7.5 - HIGH | 2022-08-09 | 2022-08-15 |
| CVE-2021-43045 json | A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a deni... | 7.5 - HIGH | 2022-01-06 | 2023-09-26 |
| CVE-2019-17195 json | Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an ap... | 9.8 - CRITICAL | 2019-10-15 | 2023-11-07 |