HSEC-2026-0007 Denial of Service and Memory Exhaustion in aeson and text-iso8601

Denial of Service and Memory Exhaustion in aeson and text-iso8601 Two Denial of Service DoS and memory exhaustion vulnerabilities were identified in the aeson and text-iso8601 packages. These vulnerabilities allow an attacker to exhaust server memory and crash the host process by supplying...

HSEC-2023-0001 Hash flooding vulnerability in aeson

Hash flooding vulnerability in aeson aeson was vulnerable to hash flooding a.k.a. hash DoS. The issue is a consequence of the HashMap implementation from unordered-containers. It results in a denial of service through CPU consumption. This technique has been used in real-world attacks against a...

EUVD-2022-42809

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-3433

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying...

ROS-20240815-12

The JSON aeson analysis and encoding library vulnerability is related to the creation of a hash collision in the unordered-containers base library by sending specially crafted JSON data. Exploitation of the of the vulnerability could allow an attacker acting remotely to cause a denial of service...

SUSE CVE-2022-3433

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...

CVE-2022-3433

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...

DEBIAN-CVE-2022-3433

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...

CVE-2022-3433

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...

CVE-2022-3433

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...

CVE-2022-3433

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...

Design/Logic Flaw

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...

UBUNTU-CVE-2022-3433

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...

CVE-2022-3433

The CVE-2022-3433 entry concerns the aeson library, which is not safe to use with untrusted JSON input. Multiple connected sources describe a hash-flooding (hash DoS) vulnerability triggered by crafted JSON data that exploits the underlying unordered-containers HashMap, enabling remote denial of ...

aeson 加密问题漏洞

aeson is a fast Haskell library open-sourced by Haskell for processing JSON data. A security vulnerability exists in aeson, which stems from the fact that it allows the use of untrusted JSON input to cause a denial of service by allowing a remote user to send specially crafted JSON data to create...

CVE-2022-3433

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...

CVE-2022-3433

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...

PT-2022-7465

Name of the Vulnerable Software and Affected Versions aeson affected versions not specified Description The aeson library is not safe for consuming untrusted JSON input. A remote user could exploit this issue to produce a hash collision in the underlying unordered-containers library by sending...