Fedora 40 : rust-rustls (2024-5a5f401785)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-5a5f401785 advisory. Update to version 0.23.19. This version includes fix for RUSTSEC-2024-0399. Tenable has extracted the preceding description block directly from the Fedora...

CVE-2024-11738

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...

AZL-61546 CVE-2024-11738 affecting package rust for versions less than 1.86.0-6

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...

CVE-2024-11738

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...

UBUNTU-CVE-2024-11738

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...

CVE-2024-11738

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...

CVE-2024-11738

CVE-2024-11738 affects Rustls 0.23.13 and related APIs, enabling a denial-of-service (panic) via a fragmented TLS ClientHello message. Public documents (including IBM DataPower Bulletin and MSRC) confirm the vulnerability and provide remediation guidance. Impact is a panic causing service disrupt...

CVE-2024-11738 Rustls: rustls network-reachable panic in `acceptor::accept`

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...

CVE-2024-11738 Rustls: rustls network-reachable panic in `acceptor::accept`

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...

Rustls 安全漏洞

Rustls is a modern TLS library in Rust open-sourced by Rustls. A security vulnerability exists in Rustls version 0.23.13 that stems from allowing denial of service via fragmented TLS ClientHello messages...

SUSE CVE-2024-11738

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...

[SECURITY] Fedora 40 Update: rust-rustls-0.23.17-1.fc40

Rustls is a modern TLS library written in Rust...

[SECURITY] Fedora 41 Update: rust-rustls-0.23.17-1.fc41

Rustls is a modern TLS library written in Rust...

Fedora 40 : rust-rustls / rust-zlib-rs (2024-632b468c59)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-632b468c59 advisory. - Update the rustls crate to version 0.23.17. - Update the zlib-rs crate to version 0.4.0. The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 stack...

Fedora 41 : rust-rustls / rust-zlib-rs (2024-41e6e2fc74)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-41e6e2fc74 advisory. - Update the rustls crate to version 0.23.17. - Update the zlib-rs crate to version 0.4.0. The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 stack...

Fedora: Security Advisory (FEDORA-2024-632b468c59)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-11738

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...

rustls network-reachable panic in `Acceptor::accept`

A bug introduced in rustls 0.23.13 leads to a panic if the received TLS ClientHello is fragmented. Only servers that use rustls::server::Acceptor::accept are affected. Servers that use tokio-rustls's LazyConfigAcceptor API are affected. Servers that use tokio-rustls's TlsAcceptor API are not...

GHSA-QG5G-GV98-5FFH rustls network-reachable panic in `Acceptor::accept`

A bug introduced in rustls 0.23.13 leads to a panic if the received TLS ClientHello is fragmented. Only servers that use rustls::server::Acceptor::accept are affected. Servers that use tokio-rustls's LazyConfigAcceptor API are affected. Servers that use tokio-rustls's TlsAcceptor API are not...

RUSTSEC-2024-0399 rustls network-reachable panic in `Acceptor::accept`

A bug introduced in rustls 0.23.13 leads to a panic if the received TLS ClientHello is fragmented. Only servers that use rustls::server::Acceptor::accept are affected. Servers that use tokio-rustls's LazyConfigAcceptor API are affected. Servers that use tokio-rustls's TlsAcceptor API are not...