Unrated severityNVD Advisory· Published Feb 8, 2012· Updated Apr 29, 2026
CVE-2012-0839
CVE-2012-0839
Description
OCaml 3.12.1 and earlier computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
Affected products
21cpe:2.3:a:inria:ocaml:*:*:*:*:*:*:*:*+ 20 more
- cpe:2.3:a:inria:ocaml:*:*:*:*:*:*:*:*range: <=3.12.1
- cpe:2.3:a:inria:ocaml:1.07:*:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:2.02:*:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:2.04:*:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:2.99:alpha:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.00:*:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.01:*:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.02:*:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.03:alpha:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.04:*:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.05:beta:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.06:*:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.07:*:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.07:beta1:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.07:beta2:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.07:pl2:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.08:*:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.09:*:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.10:*:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.11:*:*:*:*:*:*:*
- cpe:2.3:a:inria:ocaml:3.12:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- openwall.com/lists/oss-security/2012/02/07/1nvd
- openwall.com/lists/oss-security/2012/02/07/2nvd
- secunia.com/advisories/47853nvd
- www.mail-archive.com/caml-list%40inria.fr/msg01477.htmlnvd
- www.mail-archive.com/caml-list%40inria.fr/msg01478.htmlnvd
- www.nruns.com/_downloads/advisory28122011.pdfnvd
- www.ocert.org/advisories/ocert-2011-003.htmlnvd
News mentions
0No linked articles in our index yet.