CVE-2022-36124

It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.
References
Link Resource
https://lists.apache.org/thread/kj429rzo1xxjgz058qqqg0y7c0p512zo Mailing List Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:apache:avro:*:*:*:*:*:rust:*:*

Information

Published : 2022-08-09 07:15

Updated : 2022-08-16 12:11


NVD link : CVE-2022-36124

Mitre link : CVE-2022-36124

Products Affected
No products.
CWE