Vulnerabilidades en MessagePack-CSharp
13 resultadosCVE-2024-48924HIGHMessagePack allows untrusted data to lead to DoS attack due to hash collisions and stack overflowEPSS 0.4%CVE-2026-48109HIGHMessagePack-CSharp: LZ4 decompression may fail with AccessViolationException after dereferencing memory from bad inputEPSS 0.3%CVE-2026-48506HIGHMessagePack-CSharp: MessagePackReader.Skip can recurse without enforcing maximum object graph depthEPSS 0.3%CVE-2026-48502HIGHMessagePack-CSharp: Denial of service vulnerabilities can swamp the CPU or crash the process with stack and heap overflowsEPSS 0.3%CVE-2026-48517MEDIUMMessagePack-CSharp: Typeless deserialization type restrictions do not recurse into arrays or generic argumentsEPSS 0.2%CVE-2026-48509MEDIUMMessagePack-CSharp: ASP.NET Core MessagePackInputFormatter defaults to TrustedData for HTTP request bodiesEPSS 0.2%CVE-2026-48510MEDIUMMessagePack-CSharp: LZ4 decompression allocates from unbounded declared output lengthsEPSS 0.2%CVE-2026-48514MEDIUMMessagePack-CSharp: Unity unsafe blit formatter allocates from unbounded byte lengthEPSS 0.2%CVE-2026-48513MEDIUMMessagePack-CSharp: DynamicUnionResolver generated deserializers miss depth enforcementEPSS 0.2%CVE-2026-48516MEDIUMMessagePack-CSharp: InterfaceLookupFormatter bypasses collision-resistant comparer settingsEPSS 0.2%CVE-2026-48512MEDIUMMessagePack-CSharp: JSON conversion APIs can recurse without consistent depth enforcementEPSS 0.2%CVE-2026-48511MEDIUMMessagePack-CSharp: ExpandoObject formatter can perform quadratic insertion work on untrusted mapsEPSS 0.2%CVE-2026-48515MEDIUMMessagePack-CSharp: Multi-dimensional array formatters allocate from unchecked dimensionsEPSS 0.2%