rustsec / advisory-db

Security advisory database for Rust crates published through crates.io
https://rustsec.org

DoS vulnerability in aHash #1809

Open tkaitchuck opened 10 months ago

tkaitchuck commented 10 months ago

I would submit a pull request, but I was not sure how to format the patch versions section.

package = "ahash"
url = "https://github.com/tkaitchuck/aHash/issues/163"
categories = ["denial-of-service"]
arch = ["x86", "x86_64", "arm", "aarch64"]
Affected versions: 0.4.2 - 0.4.7, 0.5.0 - 0.5.10, 0.6.0 - 0.6.3, 0.7.0 - 0.7.6 and 0.8.0 - 0.8.3
Patch versions: 0.8.4, 0.7.7, and 0.4.8

Affected crate versions have been yanked.

tkaitchuck commented 10 months ago

If, because this is solely a DoS attack vulnerability and not a soundness issue, it does not meet the criteria for inclusion, then feel free to close this.

tarcieri commented 10 months ago

If there's a reasonable expectation it could be exposed to attacker-controlled inputs from e.g. over a network, which seems to be the case here, it's worth considering