VYPR

rpm package

opensuse/python-cbor2&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/python-cbor2&distro=openSUSE%20Leap%2016.0

Vulnerabilities (4)

  • CVE-2026-26209Mar 23, 2026
    affected < 5.6.5-160000.4.1fixed 5.6.5-160000.4.1

    cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerabili

  • CVE-2025-68131Dec 31, 2025
    affected < 5.6.5-160000.4.1fixed 5.6.5-160000.4.1

    cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, whhen a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28)

  • CVE-2025-64076Nov 18, 2025
    affected < 5.6.5-160000.3.1fixed 5.6.5-160000.3.1

    Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decode_definite_long_string() function of the C extension decoder (source/decoder.c): (1) Integer Underflow Leading to Out-of-Bounds Read (CWE-191, CWE-125): An incorrect variable reference and missing state res

  • CVE-2024-26134Feb 19, 2024
    affected < 5.6.5-160000.3.1fixed 5.6.5-160000.3.1

    cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) (RFC 8949) serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Vers