← Zuruck zu CVEs
CVE-2021-43045
HIGH7.5
Beschreibung
A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions. Users should update to version 1.11.0 which addresses this issue.
CVE Details
CVSS v3.1 Bewertung7.5
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht1/6/2022
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
apache:avro
Schwachen (CWE)
CWE-770CWE-770
Referenzen
http://www.openwall.com/lists/oss-security/2022/01/06/8(security@apache.org)
https://lists.apache.org/thread/5fttw9vk6gd2p3b846nox7hcj5469xfd(security@apache.org)
http://www.openwall.com/lists/oss-security/2022/01/06/8(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread/5fttw9vk6gd2p3b846nox7hcj5469xfd(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.