15 matches found
EUVD-2023-3140
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-6245
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Candid library causes a Denial of Service while parsing a specially crafted payload with 'empty' data type. For example, if the payload is record ; empty an...
GHSA-7787-P7X6-FQ3J Candid infinite decoding loop through specially crafted payload
Impact The Candid library causes a Denial of Service while parsing a specially crafted payload with empty data type. For example, if the payload is record ; empty and the canister interface expects record then the rust candid decoder treats empty as an extra field required by the type. The proble...
Candid infinite decoding loop through specially crafted payload
Impact The Candid library causes a Denial of Service while parsing a specially crafted payload with empty data type. For example, if the payload is record ; empty and the canister interface expects record then the rust candid decoder treats empty as an extra field required by the type. The proble...
CVE-2023-6245
The Candid library causes a Denial of Service while parsing a specially crafted payload with 'empty' data type. For example, if the payload is record ; empty and the canister interface expects record then the Rust candid decoder treats empty as an extra field required by the type. The problem wit...
CVE-2023-6245
The Candid library causes a Denial of Service while parsing a specially crafted payload with 'empty' data type. For example, if the payload is record ; empty and the canister interface expects record then the Rust candid decoder treats empty as an extra field required by the type. The problem wit...
UBUNTU-CVE-2023-6245
The Candid library causes a Denial of Service while parsing a specially crafted payload with 'empty' data type. For example, if the payload is record ; empty and the canister interface expects record then the Rust candid decoder treats empty as an extra field required by the type. The problem wit...
Design/Logic Flaw
The Candid library causes a Denial of Service while parsing a specially crafted payload with 'empty' data type. For example, if the payload is record ; empty and the canister interface expects record then the Rust candid decoder treats empty as an extra field required by the type. The problem wit...
CVE-2023-6245
The Candid library causes a Denial of Service while parsing a specially crafted payload with 'empty' data type. For example, if the payload is record ; empty and the canister interface expects record then the Rust candid decoder treats empty as an extra field required by the type. The problem wit...
CVE-2023-6245
The CVE-2023-6245 issue affects the Candid library used by Rust candid decoder. A specially crafted payload exploiting the data type empty can cause an infinite decoding loop, effectively triggering a Denial of Service as decoding runs until the execution round instruction limit is reached. Motok...
CVE-2023-6245 Infinite decoding loop through specially crafted payload
The Candid library causes a Denial of Service while parsing a specially crafted payload with 'empty' data type. For example, if the payload is record ; empty and the canister interface expects record then the Rust candid decoder treats empty as an extra field required by the type. The problem wit...
CVE-2023-6245 Infinite decoding loop through specially crafted payload
The Candid library causes a Denial of Service while parsing a specially crafted payload with 'empty' data type. For example, if the payload is record ; empty and the canister interface expects record then the Rust candid decoder treats empty as an extra field required by the type. The problem wit...
Infinite decoding loop through specially crafted payload
The Candid library causes a Denial of Service while parsing a specially crafted payload with empty data type. For example, if the payload is record ; empty and the canister interface expects record then the rust candid decoder treats empty as an extra field required by the type. The problem with...
RUSTSEC-2023-0073 Infinite decoding loop through specially crafted payload
The Candid library causes a Denial of Service while parsing a specially crafted payload with empty data type. For example, if the payload is record ; empty and the canister interface expects record then the rust candid decoder treats empty as an extra field required by the type. The problem with...
PT-2023-32574 · Dfx +1 · Dfx +1
Name of the Vulnerable Software and Affected Versions: Candid versions 0.9.0 through 0.9.9 dfx versions 0.14.4 through 0.15.2-beta.0 Description: The Candid library causes a Denial of Service while parsing a specially crafted payload with empty data type. For example, if the payload is record ;...