Security Advisory

CVE-2025-12829

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-07 18:04:15

Last updated 2025-11-07 18:13:55

Assigner AMZN

State PUBLISHED

Description

An uninitialized stack read issue exists in Amazon Ion-C versions <v1.1.4 that may allow a threat actor to craft data and serialize it to Ion text in such a way that sensitive data in memory could be exposed through UTF-8 escape sequences. To mitigate this issue, users should upgrade to version v1.1.4.

← Browse all CVEs View on cve.org ↗