VYPR

Maven package

org.msgpack/msgpack-core

pkg:maven/org.msgpack/msgpack-core

Vulnerabilities (1)

  • CVE-2026-21452Jan 2, 2026
    affected < 0.9.11fixed 0.9.11

    MessagePack for Java is a serializer implementation for Java. A denial-of-service vulnerability exists in versions prior to 0.9.11 when deserializing .msgpack files containing EXT32 objects with attacker-controlled payload lengths. While MessagePack-Java parses extension headers