CVE-2022-3433
N/A
N/A
Summary
The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | aeson | Fixed in 2.0.1.0 | affected |
Weaknesses
- CWE-328: CWE-328->CWE-400
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.