CVE-2012-0839
Last modified
CVE-2012-0839 is a vulnerability of currently unknown severity. OCaml 3.12.1 and earlier computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.. EPSS estimates a 2.75% chance of exploitation in the next 30 days.
Description
OCaml 3.12.1 and earlier computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Inria | Ocaml | <= 3.12.1 | — |
| Inria | Ocaml | 1.07 | — |
| Inria | Ocaml | 2.02 | — |
| Inria | Ocaml | 2.04 | — |
| Inria | Ocaml | 2.99 | Alpha |
| Inria | Ocaml | 3.00 | — |
| Inria | Ocaml | 3.01 | — |
| Inria | Ocaml | 3.02 | — |
| Inria | Ocaml | 3.03 | Alpha |
| Inria | Ocaml | 3.04 | — |
| Inria | Ocaml | 3.05 | Beta |
| Inria | Ocaml | 3.06 | — |
| Inria | Ocaml | 3.07 | — |
| Inria | Ocaml | 3.08 | — |
| Inria | Ocaml | 3.09 | — |
| Inria | Ocaml | 3.10 | — |
| Inria | Ocaml | 3.11 | — |
| Inria | Ocaml | 3.12 | — |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2012-0839?
How severe is CVE-2012-0839?
How do I fix CVE-2012-0839?
Are you affected by CVE-2012-0839?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST