CNNVD-202509-2011 Information

CNNVD ID

CNNVD-202509-2011

Related CVE

CVE-2025-59328

• CNNVD Published: 2025-09-15

Description (Chinese)

Apache Fory是Apache基金会的一个序列化框架。 Apache Fory存在代码问题漏洞，该漏洞源于反序列化不可信数据时消耗过多CPU资源，可能导致拒绝服务攻击。

Description (English)

Apache Fory is a sequenced framework for the Apache Foundation. There is a code gap in Apache Fory, which results from over-consumption of CPU resources when anti-sequencing unreliable data can lead to denial of service attacks.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Apache Friends

Published

2025-09-15

Last Modified

2026-02-24

References

https://fory.apache.org/security/

Patch

https://github.com/apache/fory/releases