5 matches found
Fedora: Security Advisory for rust-ffsend (FEDORA-2022-163bcf190f)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-35922
Rust-WebSocket is a WebSocket RFC6455 library written in Rust. In versions prior to 0.26.5 untrusted websocket connections can cause an out-of-memory OOM process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allocate a buffer based...
CVE-2022-35922
Rust-WebSocket (rust-websocket) prior to 0.26.5 is vulnerable: untrusted data during dataframe parsing can drive an allocation based on a declar ed size, causing an OOM abort in the sync (non-Tokio) path; the async path does not use Vec::with_capacity, so DoS is tied to delivered oversized data. ...
CVE-2022-35922 Memory allocation based on untrusted length in rust-websocket
Rust-WebSocket is a WebSocket RFC6455 library written in Rust. In versions prior to 0.26.5 untrusted websocket connections can cause an out-of-memory OOM process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allocate a buffer based...
CVE-2022-35922 Memory allocation based on untrusted length in rust-websocket
Rust-WebSocket is a WebSocket RFC6455 library written in Rust. In versions prior to 0.26.5 untrusted websocket connections can cause an out-of-memory OOM process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allocate a buffer based...