CVE-2021-43045: Allocation of Resources Without Limits or Throttling in Apache Avro

January 6, 2022 (updated September 26, 2023)

A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro and prior versions. Users should update to which addresses this issue.

References

github.com/advisories/GHSA-868x-rg4c-cjqg
nvd.nist.gov/vuln/detail/CVE-2021-43045

Detect and mitigate CVE-2021-43045 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →