Lucene search
K

9529 matches found

NVD
NVD
added 2025/07/05 1:15 a.m.7 views

CVE-2025-53604

The web-push crate before 0.10.3 for Rust allows a denial of service memory consumption in the built-in clients via a large integer in a Content-Length header...

4CVSS0.00331EPSS
Exploits0References3
OSV
OSV
added 2025/07/05 1:15 a.m.8 views

AZL-65556 CVE-2025-53605 affecting package kata-containers for versions less than 3.19.1.kata2-1

The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...

5.9CVSS5.7AI score0.0038EPSS
Exploits0References1
OSV
OSV
added 2025/07/05 1:15 a.m.7 views

AZL-65592 CVE-2025-53605 affecting package rust for versions less than 1.72.0-11

The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...

5.9CVSS5.7AI score0.0038EPSS
Exploits0References1
OSV
OSV
added 2025/07/05 1:15 a.m.4 views

UBUNTU-CVE-2025-53605

The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...

5.9CVSS5.8AI score0.0038EPSS
Exploits0References4
CVE
CVE
added 2025/07/05 12:0 a.m.17 views

CVE-2024-58254

CVE-2024-58254 is rejected/not used; reference CVE-2024-11738 instead.

Exploits0
Cvelist
Cvelist
added 2025/07/05 12:0 a.m.8 views

CVE-2025-53604

The web-push crate before 0.10.3 for Rust allows a denial of service memory consumption in the built-in clients via a large integer in a Content-Length header...

4CVSS0.00331EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/05 12:0 a.m.3 views

CVE-2025-53604

The web-push crate before 0.10.3 for Rust allows a denial of service memory consumption in the built-in clients via a large integer in a Content-Length header...

4CVSS7.1AI score0.00331EPSS
Exploits0References3
CVE
CVE
added 2025/07/05 12:0 a.m.55 views

CVE-2025-53605

CVE-2025-53605 affects the Rust protobuf crate prior to 3.7.2. The issue is uncontrolled recursion in protobuf::coded_input_stream::CodedInputStream::skip_group when parsing unknown fields from untrusted input, with impact described as availability-related in the CVSS metrics. Connected advisorie...

5.9CVSS6.5AI score0.0038EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/05 12:0 a.m.4 views

CVE-2025-53605

The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...

5.9CVSS7.2AI score0.0038EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/05 12:0 a.m.7 views

CVE-2025-53605

The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...

5.9CVSS0.0038EPSS
Exploits0References3
CVE
CVE
added 2025/07/05 12:0 a.m.24 views

CVE-2025-53604

The vulnerability CVE-2025-53604 affects the Rust crate web-push prior to version 0.10.3 . The built-in clients are susceptible to a denial-of-service caused by memory consumption when handling a large integer in a Content-Length header. Impact is described as DoS via memory exhaustion in affecte...

4CVSS6.5AI score0.00331EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/07/05 12:0 a.m.7 views

CVE-2025-53605

The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...

5.9CVSS5.1AI score0.0038EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/04 12:0 a.m.3 views

Securing Mixed Rust with Hardware Capabilities

The Rust programming language enforces three basic Rust principles, namely ownership, borrowing, and AXM Aliasing Xor Mutability to prevent security bugs such as memory safety violations and data races. However, Rust projects often have mixed code, i.e., code that also uses unsafe Rust, FFI Forei...

7.5AI score
Exploits0
CNNVD
CNNVD
added 2025/07/04 12:0 a.m.2 views

web-push crate 安全漏洞

web-push crate is a library for Rust by the individual developer Julius de Bruijn. A security vulnerability exists in web-push crate versions prior to 0.10.3, which stems from a large integer in the Content-Length header that could lead to a denial of service...

4CVSS6.3AI score0.00331EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/04 12:0 a.m.4 views

protobuf crate 安全漏洞

protobuf crate is a library for Rust by Stepan Koltsov, a personal developer. A security vulnerability exists in protobuf crate versions prior to 3.7.2, which stems from uncontrolled recursion when parsing unknown fields in protobuf::codedinputstream::CodedInputStream::skipgroup...

5.9CVSS6.4AI score0.0038EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/07/03 12:0 a.m.3 views

AlmaLinux 9 : keylime-agent-rust (ALSA-2025:7313)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:7313 advisory. rust-openssl: rust openssl ssl::selectnextproto use after free CVE-2025-24898 Tenable has extracted the preceding description block directly from the AlmaLinux...

6.3CVSS5.3AI score0.00623EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/07/03 12:0 a.m.4 views

AlmaLinux 9 : rust-bootupd (ALSA-2025:7241)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:7241 advisory. rust-openssl: rust openssl ssl::selectnextproto use after free CVE-2025-24898 Tenable has extracted the preceding description block directly from the AlmaLinux...

6.3CVSS5.3AI score0.00623EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/07/02 8:20 a.m.4 views

Security update for python-cryptography

This update for python-cryptography fixes the following issues: CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242631 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

6.3CVSS7.3AI score0.00452EPSS
Exploits0References4
OSV
OSV
added 2025/07/02 8:19 a.m.3 views

SUSE-SU-2025:20463-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242631...

3.7CVSS5.8AI score0.00452EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/07/01 12:0 a.m.7 views

SUSE SLED15: himmelblau / himmelblau-sshd-config / libnss_himmelblau2 / etc (SUSE-SU-2025:02166-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02166-1 advisory. - CVE-2025-5791: Fixed using deprecated users crate bsc1244202 - CVE-2025-3416: Fixed use-After-Free in...

7.1CVSS5.9AI score0.00452EPSS
Exploits0References7
Rows per page
Query Builder