Search criteria
3 vulnerabilities by dfinity
CVE-2024-11991 (GCVE-0-2024-11991)
Vulnerability from cvelistv5 – Published: 2024-12-09 14:38 – Updated: 2024-12-09 15:07
VLAI?
Summary
Motoko's incremental garbage collector is impacted by an uninitialized memory access bug, caused by incorrect use of write barriers in a few locations. This vulnerability could potentially allow unauthorized read or write access to a Canister's memory. However, exploiting this bug requires the Canister to enable the incremental garbage collector or enhanced orthogonal persistence, which are non-default features in Motoko.
Severity ?
5.6 (Medium)
CWE
- CWE-908 - Use of Uninitialized Resource
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Internet Computer | Motoko |
Affected:
0.9.0 , ≤ 0.13.3
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11991",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-09T15:07:27.354775Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T15:07:37.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "moc",
"product": "Motoko",
"vendor": "Internet Computer",
"versions": [
{
"lessThanOrEqual": "0.13.3",
"status": "affected",
"version": "0.9.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eMotoko\u0027s incremental garbage collector is impacted by an uninitialized memory access bug, caused by incorrect use of write barriers in a few locations. This vulnerability could potentially allow unauthorized read or write access to a Canister\u0027s memory. However, exploiting this bug requires the Canister to enable the incremental garbage collector or enhanced orthogonal persistence, which are non-default features in Motoko.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Motoko\u0027s incremental garbage collector is impacted by an uninitialized memory access bug, caused by incorrect use of write barriers in a few locations. This vulnerability could potentially allow unauthorized read or write access to a Canister\u0027s memory. However, exploiting this bug requires the Canister to enable the incremental garbage collector or enhanced orthogonal persistence, which are non-default features in Motoko."
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131 Resource Leak Exposure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908 Use of Uninitialized Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T14:38:07.288Z",
"orgId": "6b35d637-e00f-4228-858c-b20ad6e1d07b",
"shortName": "Dfinity"
},
"references": [
{
"url": "https://github.com/dfinity/motoko/pull/4677"
},
{
"url": "https://github.com/dfinity/motoko/security/advisories/GHSA-9rhg-3qf8-hrv3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Uninitialized memory access in Motoko incremental garbage collector",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDisable incremental garbage collector and enhanced orthogonal persistence. i.e. do \u003cstrong\u003enot compile\u003c/strong\u003e\u0026nbsp;with\u0026nbsp;\u003ci\u003e\u2014incremental-gc\u003c/i\u003e or \u003ci\u003e--enhanced-orthogonal-persistence\u003c/i\u003e options.\u003c/p\u003e"
}
],
"value": "Disable incremental garbage collector and enhanced orthogonal persistence. i.e. do not compile\u00a0with\u00a0\u2014incremental-gc or --enhanced-orthogonal-persistence options."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "6b35d637-e00f-4228-858c-b20ad6e1d07b",
"assignerShortName": "Dfinity",
"cveId": "CVE-2024-11991",
"datePublished": "2024-12-09T14:38:07.288Z",
"dateReserved": "2024-11-29T10:02:19.279Z",
"dateUpdated": "2024-12-09T15:07:37.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7884 (GCVE-0-2024-7884)
Vulnerability from cvelistv5 – Published: 2024-09-05 13:01 – Updated: 2024-09-05 14:42
VLAI?
Summary
When a canister method is called via ic_cdk::call* , a new Future CallFuture is created and can be awaited by the caller to get the execution result. Internally, the state of the Future is tracked and stored in a struct called CallFutureState. A bug in the polling implementation of the CallFuture allows multiple references to be held for this internal state and not all references were dropped before the Future is resolved. Since we have unaccounted references held, a copy of the internal state ended up being persisted in the canister's heap and thus causing a memory leak.
Impact Canisters built in Rust with ic_cdk and ic_cdk_timers are affected. If these canisters call a canister method, use timers or heartbeat, they will likely leak a small amount of memory on every such operation. In the worst case, this could lead to heap memory exhaustion triggered by an attacker. Motoko based canisters are not affected by the bug.
PatchesThe patch has been backported to all minor versions between >= 0.8.0, <= 0.15.0. The patched versions available are 0.8.2, 0.9.3, 0.10.1, 0.11.6, 0.12.2, 0.13.5, 0.14.1, 0.15.1 and their previous versions have been yanked. WorkaroundsThere are no known workarounds at the moment. Developers are recommended to upgrade their canister as soon as possible to the latest available patched version of ic_cdk to avoid running out of Wasm heap memory.
Upgrading the canisters (without updating `ic_cdk`) also frees the leaked memory but it's only a temporary solution.
Severity ?
7.5 (High)
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Internet Computer | ic-cdk |
Affected:
0.8.0 , < 0.8.2
(semver)
Affected: 0.9.0 , < 0.9.3 (semver) Affected: 0.10.0 , < 0.10.1 (semver) Affected: 0.11.0 , < 0.11.5 (semver) Affected: 0.12.0 , < 0.12.2 (semver) Affected: 0.13.0 , < 0.13.4 (semver) Affected: 0.14.0 , < 0.14.1 (semver) Affected: 0.15.0 , < 0.15.1 (semver) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:internet_computer:ic-cdk:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ic-cdk",
"vendor": "internet_computer",
"versions": [
{
"lessThan": "0.8.2",
"status": "affected",
"version": "0.8.0",
"versionType": "semver"
},
{
"lessThan": "0.9.3",
"status": "affected",
"version": "0.9.0",
"versionType": "semver"
},
{
"lessThan": "0.10.1",
"status": "affected",
"version": "0.10.0",
"versionType": "semver"
},
{
"lessThan": "0.11.5",
"status": "affected",
"version": "0.11.0",
"versionType": "semver"
},
{
"lessThan": "0.12.2",
"status": "affected",
"version": "0.12.0",
"versionType": "semver"
},
{
"lessThan": "0.13.4",
"status": "affected",
"version": "0.13.0",
"versionType": "semver"
},
{
"lessThan": "0.14.1",
"status": "affected",
"version": "0.14.0",
"versionType": "semver"
},
{
"lessThan": "0.15.1",
"status": "affected",
"version": "0.15.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7884",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T14:27:48.684901Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T14:42:09.085Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://crates.io/crates/ic-cdk",
"defaultStatus": "unaffected",
"packageName": "ic-cdk",
"product": "ic-cdk",
"repo": "https://github.com/dfinity/cdk-rs",
"vendor": "Internet Computer",
"versions": [
{
"changes": [
{
"at": "0.8.2",
"status": "unaffected"
}
],
"lessThan": "0.8.2",
"status": "affected",
"version": "0.8.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "0.9.3",
"status": "unaffected"
}
],
"lessThan": "0.9.3",
"status": "affected",
"version": "0.9.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "0.10.1",
"status": "unaffected"
}
],
"lessThan": "0.10.1",
"status": "affected",
"version": "0.10.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "0.11.6",
"status": "unaffected"
}
],
"lessThan": "0.11.5",
"status": "affected",
"version": "0.11.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "0.12.2",
"status": "unaffected"
}
],
"lessThan": "0.12.2",
"status": "affected",
"version": "0.12.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "0.13.5",
"status": "unaffected"
}
],
"lessThan": "0.13.4",
"status": "affected",
"version": "0.13.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "0.14.1",
"status": "unaffected"
}
],
"lessThan": "0.14.1",
"status": "affected",
"version": "0.14.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "0.15.1",
"status": "unaffected"
}
],
"lessThan": "0.15.1",
"status": "affected",
"version": "0.15.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When a canister method is called via \u003ctt\u003eic_cdk::call*\u003c/tt\u003e , a new Future \u003ctt\u003eCallFuture\u0026nbsp;\u003c/tt\u003eis created and can be awaited by the caller to get the execution result. Internally, the state of the Future is tracked and stored in a struct called \u003ctt\u003eCallFutureState\u003c/tt\u003e. A bug in the polling implementation of the \u003ctt\u003eCallFuture\u003c/tt\u003e allows multiple references to be held for this internal state and not all references were dropped before the \u003ctt\u003eFuture\u003c/tt\u003e\u0026nbsp;is resolved. Since we have unaccounted references held, a copy of the internal state ended up being persisted in the canister\u0027s heap and thus causing a memory leak. \u003cbr\u003e\u003ch3\u003eImpact\u0026nbsp;\u003c/h3\u003eCanisters built in Rust with \u003ctt\u003eic_cdk\u003c/tt\u003e\u0026nbsp;and \u003ctt\u003eic_cdk_timers\u003c/tt\u003e\u0026nbsp;are affected. If these canisters call a canister method, use timers or heartbeat, they will likely leak a small amount of memory on every such operation. \u003cb\u003eIn the worst case, this could lead to heap memory exhaustion triggered by an attacker. \u003c/b\u003eMotoko based canisters are not affected by the bug.\u003cbr\u003e\u003ch3\u003ePatches\u003c/h3\u003eThe patch has been backported to all minor versions between \u003ctt\u003e\u0026gt;= 0.8.0, \u0026lt;= 0.15.0\u003c/tt\u003e. The patched versions available are \u003ctt\u003e0.8.2, 0.9.3, 0.10.1, 0.11.6, 0.12.2, 0.13.5, 0.14.1, 0.15.1 \u003c/tt\u003eand their previous versions have been yanked. \u003ch3\u003eWorkarounds\u003c/h3\u003eThere are no known workarounds at the moment. Developers are recommended to upgrade their canister as soon as possible to the latest available patched version of \u003ctt\u003eic_cdk\u003c/tt\u003e\u0026nbsp;to avoid running out of Wasm heap memory. \u003cbr\u003e\u003cblockquote\u003eUpgrading the canisters (without updating `ic_cdk`) also frees the leaked memory but it\u0027s only a temporary solution.\u003c/blockquote\u003e"
}
],
"value": "When a canister method is called via ic_cdk::call* , a new Future CallFuture\u00a0is created and can be awaited by the caller to get the execution result. Internally, the state of the Future is tracked and stored in a struct called CallFutureState. A bug in the polling implementation of the CallFuture allows multiple references to be held for this internal state and not all references were dropped before the Future\u00a0is resolved. Since we have unaccounted references held, a copy of the internal state ended up being persisted in the canister\u0027s heap and thus causing a memory leak. \nImpact\u00a0Canisters built in Rust with ic_cdk\u00a0and ic_cdk_timers\u00a0are affected. If these canisters call a canister method, use timers or heartbeat, they will likely leak a small amount of memory on every such operation. In the worst case, this could lead to heap memory exhaustion triggered by an attacker. Motoko based canisters are not affected by the bug.\nPatchesThe patch has been backported to all minor versions between \u003e= 0.8.0, \u003c= 0.15.0. The patched versions available are 0.8.2, 0.9.3, 0.10.1, 0.11.6, 0.12.2, 0.13.5, 0.14.1, 0.15.1 and their previous versions have been yanked. WorkaroundsThere are no known workarounds at the moment. Developers are recommended to upgrade their canister as soon as possible to the latest available patched version of ic_cdk\u00a0to avoid running out of Wasm heap memory. \nUpgrading the canisters (without updating `ic_cdk`) also frees the leaked memory but it\u0027s only a temporary solution."
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131 Resource Leak Exposure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401 Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T13:01:20.585Z",
"orgId": "6b35d637-e00f-4228-858c-b20ad6e1d07b",
"shortName": "Dfinity"
},
"references": [
{
"url": "https://github.com/dfinity/cdk-rs/pull/509"
},
{
"url": "https://docs.rs/ic-cdk/latest/ic_cdk/"
},
{
"url": "https://internetcomputer.org/docs/current/references/ic-interface-spec"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Memory leak when calling a canister method via `ic_cdk::call`",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "6b35d637-e00f-4228-858c-b20ad6e1d07b",
"assignerShortName": "Dfinity",
"cveId": "CVE-2024-7884",
"datePublished": "2024-09-05T13:01:20.585Z",
"dateReserved": "2024-08-16T15:30:36.784Z",
"dateUpdated": "2024-09-05T14:42:09.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6245 (GCVE-0-2023-6245)
Vulnerability from cvelistv5 – Published: 2023-12-08 14:26 – Updated: 2024-12-02 14:33
VLAI?
Summary
The Candid library causes a Denial of Service while
parsing a specially crafted payload with 'empty' data type. For example,
if the payload is `record { * ; empty }` and the canister interface expects `record { * }` then the Rust candid decoder treats empty as an extra field required by the type. The problem with the type empty is that the candid Rust library wrongly categorizes empty as a recoverable error when skipping the field and thus causing an infinite decoding loop.
Canisters using affected versions of candid
are exposed to denial of service by causing the decoding to run
indefinitely until the canister traps due to reaching maximum
instruction limit per execution round. Repeated exposure to the payload
will result in degraded performance of the canister. Note: Canisters written in Motoko are unaffected.
Severity ?
7.5 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Internet Computer | Candid |
Affected:
0.9.0 , < 0.9.10
(0.0.0)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:17.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dfinity/candid/pull/478"
},
{
"tags": [
"x_transferred"
],
"url": "https://internetcomputer.org/docs/current/references/candid-ref"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dfinity/candid/blob/master/spec/Candid.md"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dfinity/candid/security/advisories/GHSA-7787-p7x6-fq3j"
},
{
"tags": [
"x_transferred"
],
"url": "https://internetcomputer.org/docs/current/references/ic-interface-spec"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6245",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T14:31:05.379872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T14:33:16.496Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Candid",
"repo": "https://github.com/dfinity/candid",
"vendor": "Internet Computer",
"versions": [
{
"lessThan": "0.9.10",
"status": "affected",
"version": "0.9.0",
"versionType": "0.0.0"
}
]
}
],
"datePublic": "2023-12-08T01:55:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe Candid library causes a Denial of Service while \nparsing a specially crafted payload with \u0027empty\u0027 data type. For example,\n if the payload is \u003ccode\u003e`record { * ; empty }`\u003c/code\u003e and the canister interface expects \u003ccode\u003e`record { * }`\u003c/code\u003e then the Rust candid decoder treats \u003ccode\u003eempty\u003c/code\u003e as an extra field required by the type. The problem with the type \u003ccode\u003eempty\u003c/code\u003e is that the candid Rust library wrongly categorizes \u003ccode\u003eempty\u003c/code\u003e as a recoverable error when skipping the field and thus causing an infinite decoding loop.\u003c/p\u003e\n\u003cp\u003eCanisters using affected versions of candid\n are exposed to denial of service by causing the decoding to run \nindefinitely until the canister traps due to reaching maximum \ninstruction limit per execution round. Repeated exposure to the payload \nwill result in degraded performance of the canister. Note: Canisters written in Motoko are unaffected.\u003cbr\u003e\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "The Candid library causes a Denial of Service while \nparsing a specially crafted payload with \u0027empty\u0027 data type. For example,\n if the payload is `record { * ; empty }` and the canister interface expects `record { * }` then the Rust candid decoder treats empty as an extra field required by the type. The problem with the type empty is that the candid Rust library wrongly categorizes empty as a recoverable error when skipping the field and thus causing an infinite decoding loop.\n\n\nCanisters using affected versions of candid\n are exposed to denial of service by causing the decoding to run \nindefinitely until the canister traps due to reaching maximum \ninstruction limit per execution round. Repeated exposure to the payload \nwill result in degraded performance of the canister. Note: Canisters written in Motoko are unaffected.\n\n\n\n"
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of Service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1288",
"description": "CWE-1288 Improper Validation of Consistency within Input",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-168",
"description": "CWE-168 Improper Handling of Inconsistent Special Elements",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T14:26:09.331Z",
"orgId": "6b35d637-e00f-4228-858c-b20ad6e1d07b",
"shortName": "Dfinity"
},
"references": [
{
"url": "https://github.com/dfinity/candid/pull/478"
},
{
"url": "https://internetcomputer.org/docs/current/references/candid-ref"
},
{
"url": "https://github.com/dfinity/candid/blob/master/spec/Candid.md"
},
{
"url": "https://github.com/dfinity/candid/security/advisories/GHSA-7787-p7x6-fq3j"
},
{
"url": "https://internetcomputer.org/docs/current/references/ic-interface-spec"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Infinite decoding loop through specially crafted payload",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6b35d637-e00f-4228-858c-b20ad6e1d07b",
"assignerShortName": "Dfinity",
"cveId": "CVE-2023-6245",
"datePublished": "2023-12-08T14:26:09.331Z",
"dateReserved": "2023-11-21T16:28:51.715Z",
"dateUpdated": "2024-12-02T14:33:16.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}