CVE-2020-5234

MessagePack for C# and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. Review the linked GitHub Security Advisory for more information and remediation steps.
Configurations

Configuration 1

cpe:2.3:a:messagepack:messagepack:2.0.94:alpha:*:*:*:c#:*:*
cpe:2.3:a:messagepack:messagepack:2.0.110:alpha:*:*:*:c#:*:*
cpe:2.3:a:messagepack:messagepack:2.0.119:beta:*:*:*:c#:*:*
cpe:2.3:a:messagepack:messagepack:2.0.123:beta:*:*:*:c#:*:*
cpe:2.3:a:messagepack:messagepack:2.0.204:beta:*:*:*:c#:*:*
cpe:2.3:a:messagepack:messagepack:2.0.270:rc:*:*:*:c#:*:*
cpe:2.3:a:messagepack:messagepack:2.0.299:rc:*:*:*:c#:*:*
cpe:2.3:a:messagepack:messagepack:*:*:*:*:*:c#:*:*
cpe:2.3:a:messagepack:messagepack:*:*:*:*:*:c#:*:*

Information

Published : 2020-01-31 06:15

Updated : 2020-02-24 11:15


NVD link : CVE-2020-5234

Mitre link : CVE-2020-5234

Products Affected
No products.
CWE