rencode@1.0.4 vulnerabilities

Web safe object pickling/unpickling

Direct Vulnerabilities

Known vulnerabilities in the rencode package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Denial of Service (DoS)

rencode is a Web safe object pickling/unpickling

Affected versions of this package are vulnerable to Denial of Service (DoS). Rencode allows an infinite loop in typecode decoding (such as via ;\x2f\x7f), enabling a remote attack that consumes CPU and memory.

How to fix Denial of Service (DoS)?

A fix was pushed into the master branch but not yet published.

[0,)