Описание
The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service.
Ссылки
- ExploitPatchTechnical DescriptionThird Party Advisory
- ExploitPatchTechnical DescriptionThird Party Advisory
Уязвимые конфигурации
EPSS
6.5 Medium
CVSS3
Дефекты
Связанные уязвимости
The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service.
The aeson library is not safe to use to consume untrusted JSON input. ...
The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service.
Уязвимость библиотеки анализа и кодирования JSON aeson, связанная с недостаточной стойкостью шифрования, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
6.5 Medium
CVSS3