CVE-2021-43045

CVE-2021-43045: Possible DOS vulnerabilities in C# Avro SDK

Vendor Apache Software Foundation
Product Apache Avro
Weakness CWE-770 · Uncontrolled resource consumption
Published January 6, 2022
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions. Users should update to version 1.11.0 which addresses this issue.

Key dates

02Disclosure timeline

January 6, 2022 CVE published
August 4, 2024 Record updated