CVE-2018-12679

Name of the Vulnerable Software and Affected Versions CoAPthon3 versions 1.0 through 1.0.1

Description The Serialize.deserialize() method mishandles certain exceptions, leading to a denial of service in applications that use this library when they receive crafted CoAP messages.

Recommendations For CoAPthon3 versions 1.0 through 1.0.1, as a temporary workaround, consider disabling the Serialize.deserialize() method until a patch is available. Restrict access to the CoAP server and client to minimize the risk of exploitation. Avoid using the CoAPthon3 library in production environments until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.