CVE-2022-36124

It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.
References
Link Resource
https://lists.apache.org/thread/kj429rzo1xxjgz058qqqg0y7c0p512zo Mailing List Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:avro:*:*:*:*:*:rust:*:*

History

No history.

Information

Published : 2022-08-09 07:15

Updated : 2024-02-28 19:29


NVD link : CVE-2022-36124

Mitre link : CVE-2022-36124

CVE.ORG link : CVE-2022-36124


JSON object : View

Products Affected

apache

  • avro
CWE
CWE-770

Allocation of Resources Without Limits or Throttling