QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-35724

Back to search

CVE-2022-35724

Published: Aug 9, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

It is possible to provide data to be read that leads the reader to loop in cycles endlessly, consuming CPU. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.

VendorProductVersions

Apache Software Foundation

Apache Avro

affected
unspecified - < 0.14.0

Weaknesses (CWE)

CWE-20
CWE-770

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now