DoS vunrability in aHash #1809
Comments
|
If because this is solely a DoS attack vulnerability and not a soundness issue it does not meet the criteria for inclusion, then feel free the close this. |
|
If there's a reasonable expectation it could be exposed to attacker-controlled inputs from e.g. over a network, which seems to be the case here, it's worth considering |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I would submit a pull request, but I was not sure how to format the patch versions section.
package = "ahash"
url = "tkaitchuck/aHash#163"
categories = ["denial-of-service"]
arch = ["x86", "x86_64", "arm", "aarch64"]
Affected versions: 0.4.2 - 0.4.7, 0.5.0 - 0.5.10, 0.6.0 - 0.6.3, 0.7.0 - 0.7.6 and 0.8.0 - 0.8.3
Patch versions: 0.8.4, 0.7.7, and 0.4.8
Affected crate versions have been yanked.
The text was updated successfully, but these errors were encountered: