PT-2025-41447 · Amazon · Amazon.Iondotnet
Gregg
·
Published
2025-10-09
·
Updated
2025-10-13
·
CVE-2025-11573
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Amazon.IonDotnet versions prior to 1.3.2
Description
An infinite loop issue exists in the Amazon.IonDotnet library that could allow an attacker to cause a denial of service by providing a specially crafted text input. The library has been deprecated as of August 20, 2025, and will not receive further updates.
Recommendations
Upgrade to version 1.3.2.
Fix
DoS
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Amazon.Iondotnet