Vulnerability Database

309,587

Total vulnerabilities in the database

CVE-2025-11573

An infinite loop issue in Amazon.IonDotnet library versions <v1.3.2 may allow a threat actor to cause a denial of service through a specially crafted text input.

To mitigate this issue, users should upgrade to version v1.3.2. As of August 20, 2025, this library has been deprecated and will not receive further updates.

Published: Oct 9, 2025
Updated: Nov 24, 2025
CVE: CVE-2025-11573
GHSA: GHSA-q5r6-9qwq-g2wj
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-1286
CWE-400

Affected Software
References

Software	From	Fixed in
Amazon.IonDotnet	-	1.3.2

https://aws.amazon.com/security/security-bulletins/AWS-2025-022
https://aws.amazon.com/security/security-bulletins/AWS-2025-022/
https://github.com/amazon-ion/ion-dotnet/commit/edaff75fe5abbb71e647bed812c608c0c5e2fbab
https://github.com/amazon-ion/ion-dotnet/pull/160
https://github.com/amazon-ion/ion-dotnet/releases/tag/v1.3.2
https://github.com/amazon-ion/ion-dotnet/security/advisories/GHSA-q5r6-9qwq-g2wj

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo