VulnerableCode Package Details - pkg:nuget/MessagePack@1.6.0.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:nuget/MessagePack@1.6.0.2

purl	pkg:nuget/MessagePack@1.6.0.2
Tags	Ghost

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-h87p-v2c4-7qgg Aliases: CVE-2020-5234 GHSA-7q36-4xx7-xcxf	Untrusted data can lead to DoS attack due to hash collisions and stack overflow in MessagePack	1.9.3 Affected by 0 other vulnerabilities. 1.9.11 Affected by 0 other vulnerabilities. 2.1.90 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-h87p-v2c4-7qgg
Aliases:
CVE-2020-5234
GHSA-7q36-4xx7-xcxf

Untrusted data can lead to DoS attack due to hash collisions and stack overflow in MessagePack

1.9.3
Affected by 0 other vulnerabilities.

1.9.11
Affected by 0 other vulnerabilities.

2.1.90
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T04:23:05.251039+00:00	RetireDotNet Importer	Affected by	VCID-h87p-v2c4-7qgg	https://github.com/RetireNet/Packages/blob/master/Content/19.json	38.6.0