Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation (CBOR) versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use of this library, this may be a remote attacker.
{ "nvd_published_at": "2024-01-19T21:15:10Z", "cwe_ids": [ "CWE-407" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2024-01-23T14:36:37Z" }