Summary | cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) (RFC 8949) serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Version 5.6.2 contains a patch for this issue. |
---|---|
Publication Date | Feb. 20, 2024, 8:15 a.m. |
Registration Date | Feb. 20, 2024, noon |
Last Update | April 20, 2024, 8:15 a.m. |