cbor2 is a CBOR (de)serializer with extensive tag support
Affected versions of this package are vulnerable to Insufficient Resource Pool due to a MemoryError when decoding large definite strings. Exploiting this vulnerability could lead to a system crash.