cvedb.io
CVE-2022-35724
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2022-08-09T07:15:07.387 · Last modified 2026-06-17T04:52:08.147

Summary

It is possible to provide data to be read that leads the reader to loop in cycles endlessly, consuming CPU. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.

Affected products

apache — avro

Does this affect you?

Add your gear to cvedb and we'll alert you only when apache ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.