CVE-2022-36124

It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:avro:*:*:*:*:*:rust:*:*

History

21 Nov 2024, 07:12

Type Values Removed Values Added
References () https://lists.apache.org/thread/kj429rzo1xxjgz058qqqg0y7c0p512zo - Mailing List, Vendor Advisory () https://lists.apache.org/thread/kj429rzo1xxjgz058qqqg0y7c0p512zo - Mailing List, Vendor Advisory

Information

Published : 2022-08-09 07:15

Updated : 2024-11-21 07:12


NVD link : CVE-2022-36124

Mitre link : CVE-2022-36124

CVE.ORG link : CVE-2022-36124


JSON object : View

Products Affected

apache

  • avro
CWE
CWE-770

Allocation of Resources Without Limits or Throttling