OSV:RUSTSEC-2022-0030
May 21, 2022 - 12:00 p.m.

Stack overflow during recursive expression parsing

Source: Google, osv.dev
Tags: stack overflow, parsing expressions, untrusted rulex, denial of service, recursion depth, software

EPSS: 0.001 (percentile 30.7%)

When parsing untrusted rulex expressions, the stack may overflow, possibly
enabling a Denial of Service attack. This happens when parsing an expression
with several hundred levels of nesting, causing the process to abort
immediately.

The flaw was corrected in commit 60aa2dc03a by adding a check on recursion
depth.
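
The recursion-depth check described above, sketched as an added example in Rust; this is not rulex's code or the code from the fix commit. The toy grammar, the names Parser, parse and ParseError, and the MAX_DEPTH value are assumptions made for illustration.

```rust
/// Constructed limit; the value rulex uses is not stated on this page.
const MAX_DEPTH: usize = 64;

#[derive(Debug, PartialEq)]
enum ParseError { TooDeep, UnbalancedParen, UnexpectedChar(char) }

/// Toy grammar (hypothetical, not rulex syntax): expr := ( 'a' | '(' expr ')' )*
struct Parser<'a> { input: &'a [u8], pos: usize, depth: usize }

impl<'a> Parser<'a> {
    /// Parses atoms and groups; returns the deepest nesting level reached.
    fn parse_expr(&mut self) -> Result<usize, ParseError> {
        let mut deepest = self.depth;
        while let Some(&b) = self.input.get(self.pos) {
            match b {
                b'a' => self.pos += 1,
                b'(' => {
                    // The guard: fail with an ordinary error before recursing,
                    // so nesting depth never translates into stack exhaustion.
                    if self.depth >= MAX_DEPTH {
                        return Err(ParseError::TooDeep);
                    }
                    self.pos += 1;
                    self.depth += 1;
                    let inner = self.parse_expr()?;
                    self.depth -= 1;
                    deepest = deepest.max(inner);
                    if self.input.get(self.pos) != Some(&b')') {
                        return Err(ParseError::UnbalancedParen);
                    }
                    self.pos += 1;
                }
                b')' if self.depth > 0 => break, // closes the enclosing group
                other => return Err(ParseError::UnexpectedChar(other as char)),
            }
        }
        Ok(deepest)
    }
}

fn parse(src: &str) -> Result<usize, ParseError> {
    Parser { input: src.as_bytes(), pos: 0, depth: 0 }.parse_expr()
}

fn main() {
    let hostile = "(".repeat(100_000); // constructed deeply nested input
    println!("{:?}", parse(&hostile));
    println!("{:?}", parse("((a)(a))a"));
}
```

With the guard in place, deeply nested input yields an error value the caller can handle instead of aborting the process.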
