VYPR

PyPI package

cbor2

pkg:pypi/cbor2

Vulnerabilities (3)

  • CVE-2026-26209 · Mar 23, 2026
    affected < 5.9.0; fixed 5.9.0

    cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerabili

  • CVE-2025-68131 · Dec 31, 2025
    affected >= 3.0.0, < 5.8.0; fixed 5.8.0

    cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, when a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28)

  • CVE-2024-26134 · Feb 19, 2024
    affected >= 5.5.1, < 5.6.2; fixed 5.6.2

    cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) (RFC 8949) serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Vers