Product
medium
advisory
Avro Map Decoder Vulnerable to Denial-of-Service via Unbounded Memory Allocation
2 rules 1 TTPThe Avro map decoder accepted attacker-controlled block-element counts, leading to unbounded map growth and potential denial-of-service via memory exhaustion; upgrading to v2.33.0 requires explicit configuration of MaxMapAllocSize to mitigate the vulnerability.
avro +1
denial-of-service
memory-exhaustion
data-serialization
2r
1t
medium
advisory
Avro Map Decoder Vulnerable to Denial-of-Service via Unbounded Memory Allocation
2 rules 1 TTPThe Avro map decoder accepted attacker-controlled block-element counts, leading to unbounded map growth and potential denial-of-service via memory exhaustion; upgrading to v2.33.0 requires explicit configuration of MaxMapAllocSize to mitigate the vulnerability.
avro +1
denial-of-service
memory-exhaustion
data-serialization
2r
1t