GHSA-Q5R6-9QWQ-G2WJ Amazon.IonDotnet is vulnerable to Denial of Service attacks

Summary Amazon.IonDotnet is a library for the Dotnet language that is used to read and write Amazon Ion data. An issue exists where, under certain circumstances, the library could an infinite loop, resulting in denial of service. As of August 20, 2025, this library has been deprecated and will no...

Improper Validation of Syntactic Correctness of Input

Overview Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input via the LoadBlob function. An attacker can cause the application to enter an infinite loop and exhaust system resources by submitting specially crafted text input that triggers...

ion-dotnet 安全漏洞

ion-dotnet is an A.NET implementation of Amazon Ion by amazon-ion open source. A security vulnerability exists in ion-dotnet versions prior to v1.3.2, which stems from the fact that specially crafted text input may result in an infinite loop, which can lead to a denial-of-service attack...

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop via the RawBinaryReader class. This is due to a missing check of the number of bytes read from the underlying stream while deserializing the binary format when reading binary Ion data. Remediation Upgrade Amazon.IonDotnet ...

ion-dotnet 安全漏洞

ion-dotnet is an A.NET implementation of Amazon Ion by amazon-ion open source. A security vulnerability exists in ion-dotnet versions prior to 1.3.1 that stems from the RawBinaryReader class not checking the number of bytes read, which could lead to an infinite loop and denial of service...