Vulnerabilities (CVE)

Filtered by vendor Inria Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-0839 1 Inria 1 Ocaml 2024-11-21 5.0 MEDIUM N/A
OCaml 3.12.1 and earlier computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
CVE-2011-4119 1 Inria 1 Caml-light 2024-11-21 7.5 HIGH 9.8 CRITICAL
caml-light <= 0.75 uses mktemp() insecurely, and also does unsafe things in /tmp during make install.