Vulnerability CVE-2024-21909
Published: 2024-01-03

Description:
PeterO.Cbor versions 4.0.0 through 4.5.0 are vulnerable to a denial of
service vulnerability. An attacker may trigger the denial of service
condition by providing crafted data to the DecodeFromBytes or other
decoding mechanisms in PeterO.Cbor. Depending on the usage of the
library, an unauthenticated and remote attacker may be able to cause the
denial of service condition.

 References:
https://github.com/peteroupc/CBOR/security/advisories/GHSA-6r92-cgxc-r5fg
https://github.com/peteroupc/CBOR/commit/b4117dbbb4cd5a4a963f9d0c9aa132f033e15b95
https://github.com/peteroupc/CBOR/compare/v4.5...v4.5.1
https://github.com/advisories/GHSA-6r92-cgxc-r5fg
https://vulncheck.com/advisories/vc-advisory-GHSA-6r92-cgxc-r5fg
Copyright 2026, cxsecurity.com

 

Back to Top