cvedb.io
CVE-2022-36124
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2022-08-09T07:15:07.443 · Last modified 2026-06-23T16:16:58.180

Summary

It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.

Affected products

apache — avro

Does this affect you?

Add your gear to cvedb and we'll alert you only when apache ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.