Vulnerabilities
Vulnerable Software
Apache:  >> Avro  >> 0.6.5  Security Vulnerabilities
It is possible to provide data to be read that leads the reader to loop in cycles endlessly, consuming CPU. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-08-09
It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-08-09
It is possible to crash (panic) an application by providing a corrupted data to be read. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-08-09


Contact Us

Shodan ® - All rights reserved