This is an automated email from the ASF dual-hosted git repository.
chaokunyang pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/fory-site.git
The following commit(s) were added to refs/heads/main by this push:
new 55382bc99 Revise affected versions and vulnerability details
55382bc99 is described below
commit 55382bc99ee13afe3b96356aa1833c59e32d7bd8
Author: Shawn Yang <[email protected]>
AuthorDate: Tue Sep 16 00:40:31 2025 +0800
Revise affected versions and vulnerability details
---
src/pages/security/index.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/pages/security/index.md b/src/pages/security/index.md
index 234593636..0cddf1ed3 100644
--- a/src/pages/security/index.md
+++ b/src/pages/security/index.md
@@ -15,7 +15,7 @@ Severity: Mederate
Vendor: The Apache Software Foundation
-Versions affected: 0.5.0 to 0.12.1
+Versions affected: 0.5.0 through 0.12.1
Description: A vulnerability in Apache Fory allows a remote attacker to cause
a Denial of Service (DoS). The issue stems from the insecure deserialization of
untrusted data. An attacker can supply a large, specially crafted data payload
that, when processed, consumes an excessive amount of CPU resources during the
deserialization process. This leads to CPU exhaustion, rendering the
application or system using the Apache Fory library unresponsive and
unavailable to legitimate users.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
