RUSTSEC-2023-0029 TLS certificate common name validation bypass

The NATS official Rust clients are vulnerable to MitM when using TLS. The common name of the server's TLS certificate is validated against the hostname provided by the server's plaintext INFO message during the initial connection setup phase. A MitM proxy can tamper with the host field's value by...

RUSTSEC-2023-0027 TLS certificate common name validation bypass

The NATS official Rust clients are vulnerable to MitM when using TLS. The common name of the server's TLS certificate is validated against the hostname provided by the server's plaintext INFO message during the initial connection setup phase. A MitM proxy can tamper with the host field's value by...

TLS certificate common name validation bypass

The NATS official Rust clients are vulnerable to MitM when using TLS. The common name of the server's TLS certificate is validated against the hostname provided by the server's plaintext INFO message during the initial connection setup phase. A MitM proxy can tamper with the host field's value by...

TLS certificate common name validation bypass

The NATS official Rust clients are vulnerable to MitM when using TLS. The common name of the server's TLS certificate is validated against the hostname provided by the server's plaintext INFO message during the initial connection setup phase. A MitM proxy can tamper with the host field's value by...

bottlerocket dependency openssl is vulnerable to dereferenced null pointers

A null pointer in OpenSSL can be dereferenced when signatures are being verified in malformed PKCS7 data. Agents or clients compiled with OpenSSL may experience unexpected crashes. OpenSSL has been removed in bottlerocket/update-operator version 1.1.0 in favor of Rust-based TLS using rustls...

GHSA-QF87-Q4GG-CG43 bottlerocket dependency openssl is vulnerable to dereferenced null pointers

A null pointer in OpenSSL can be dereferenced when signatures are being verified in malformed PKCS7 data. Agents or clients compiled with OpenSSL may experience unexpected crashes. OpenSSL has been removed in bottlerocket/update-operator version 1.1.0 in favor of Rust-based TLS using rustls...

GHSA-J859-PMRQ-9Q6C bottlerocket dependency openssl has a double free vulnerability

A timing based side channel exists in the OpenSSL RSA decryption implementation which could enable a recovery of plaintext from across the network. This affects all RSA padding modes. A server agent compiled with OpenSSL could be made to give up plaintext payloads over the network, but this would...

GHSA-3WXX-JXWC-MG39 bottlerocket dependency openssl has a double free vulnerability

A double-free vulnerability exists in OpenSSL where it is possible to construct a malicious PEM file that has 0 bytes of payload data. This then points to data that has already been freed in memory which, when freed again, leads to a crash. Agents or clients compiled with OpenSSL may crash...

bottlerocket dependency openssl has a double free vulnerability

A double-free vulnerability exists in OpenSSL where it is possible to construct a malicious PEM file that has 0 bytes of payload data. This then points to data that has already been freed in memory which, when freed again, leads to a crash. Agents or clients compiled with OpenSSL may crash...

GHSA-PJ34-FPW3-83QJ bottlerocket dependency openssl is vulnerable to read buffer overflow via X.509 verification

A read buffer overflow can be triggered in OpenSSL X.509 verification during name constraint checking. Note that this occurs after the certificate chain has been verified and would require a compromised CA. This can cause a client or agent compiled with OpenSSL to crash unexpectedly. OpenSSL has...

bottlerocket dependency openssl is vulnerable to read buffer overflow via X.509 verification

A read buffer overflow can be triggered in OpenSSL X.509 verification during name constraint checking. Note that this occurs after the certificate chain has been verified and would require a compromised CA. This can cause a client or agent compiled with OpenSSL to crash unexpectedly. OpenSSL has...

PT-2023-33053 · Openssl · Openssl

Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 1.1.0 Description: A null pointer in OpenSSL can be dereferenced when signatures are being verified in malformed PKCS7 data, potentially causing unexpected crashes in agents or clients compiled with OpenSSL...

GHSA-2JFV-G3FH-XQ3V Excessive memory usage in tokio-rustls

tokio-rustls does not call processnewpackets immediately after read, so the expected termination condition wantsread always returns true. As long as new incoming data arrives faster than it is processed and the reader does not return pending, data will be buffered. This may cause DoS...

Excessive memory usage in tokio-rustls

tokio-rustls does not call processnewpackets immediately after read, so the expected termination condition wantsread always returns true. As long as new incoming data arrives faster than it is processed and the reader does not return pending, data will be buffered. This may cause DoS...

CVE-2020-35875

An issue was discovered in the tokio-rustls crate before 0.13.1 for Rust. Excessive memory usage may occur when data arrives quickly...

CVE-2020-35875

An issue was discovered in the tokio-rustls crate before 0.13.1 for Rust. Excessive memory usage may occur when data arrives quickly...

Design/Logic Flaw

An issue was discovered in the tokio-rustls crate before 0.13.1 for Rust. Excessive memory usage may occur when data arrives quickly...

CVE-2020-35875

An issue was discovered in the tokio-rustls crate before 0.13.1 for Rust. Excessive memory usage may occur when data arrives quickly...

CVE-2020-35875

An issue was discovered in the tokio-rustls crate before 0.13.1 for Rust. Excessive memory usage may occur when data arrives quickly...

CVE-2020-35875

CVE-2020-35875 affects the Rust crate tokio-rustls (before 0.13.1). The root cause is that tokio-rustls does not call process_new_packets immediately after read, causing wants_read to always return true and allowing data to accumulate in memory when data arrives faster than it is processed. This ...