CNNVD-202510-1272 Information

CNNVD ID

CNNVD-202510-1272

Related CVE

CVE-2025-11573

• CNNVD Published: 2025-10-09

Description (Chinese)

ion-dotnet是amazon-ion开源的一个A.NET实现的Amazon Ion。 ion-dotnet v1.3.2之前版本存在安全漏洞，该漏洞源于特制文本输入可能导致无限循环，从而引发拒绝服务攻击。

Description (English)

ion-dotnet is the achievement of Amazon Ion by A.NET, an open source of amazon-ion. There was a security loophole in the pre-ion-dotnet v1.3.2 version, which stemmed from the fact that ad hoc text input could lead to an unlimited cycle, thus triggering a denial of service attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

amazon-ion

Published

2025-10-09

Last Modified

2026-02-24

References

https://aws.amazon.com/security/security-bulletins/AWS-2025-022/ https://github.com/amazon-ion/ion-dotnet/releases/tag/v1.3.2 https://github.com/amazon-ion/ion-dotnet/security/advisories/GHSA-q5r6-9qwq-g2wj https://access.redhat.com/security/cve/cve-2025-11573

Patch

https://github.com/amazon-ion/ion-dotnet/releases