Avro Apache Avro

Do you want an email whenever new security vulnerabilities are reported in Apache Avro?

By the Year

In 2022 there have been 1 vulnerability in Apache Avro with an average score of 7.5 out of ten. Avro did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2022 as compared to last year.

Year Vulnerabilities Average Score
2022 1 7.50
2021 0 0.00
2020 0 0.00
2019 1 9.80
2018 0 0.00

It may take a day or so for new Avro vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Apache Avro Security Vulnerabilities

A vulnerability in the .NET SDK of Apache Avro

CVE-2021-43045 7.5 - High - January 06, 2022

A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro version 1.10.2 and prior versions. Users should update to version 1.11.0 which addresses this issue.

Allocation of Resources Without Limits or Throttling

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT

CVE-2019-17195 9.8 - Critical - October 15, 2019

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.

Improper Handling of Exceptional Conditions

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Oracle Policy Automation or by Apache? Click the Watch button to subscribe.

Apache
Vendor

Apache Avro
Product

subscribe