4 matches found
CVE-2024-44073
The Miniscript aka rust-miniscript library before 12.2.0 for Rust allows stack consumption because it does not properly track tree depth...
baru (>=0.2.0 <=0.4.0), bdk (>=0.2.0 <=1.0.0-alpha.9) +106 more potentially affected by CVE-2024-44073 via miniscript (>=0.12.0 <=8.0.2)
miniscript CARGO version =0.12.0, =0.2.0, =0.2.0, =0.1.0, =0.1.0, =0.3.0, =0.6.0, =0.2.0, =0.1.0, =0.4.0, =0.3.0, =1.0.0, =0.0.1, =0.1.0, =0.3.1 and more Source cves: CVE-2024-44073 Source advisory: OSV:GHSA-RV9V-R4VM-GJ8X...
CVE-2024-44073
The Miniscript aka rust-miniscript library before 12.2.0 for Rust allows stack consumption because it does not properly track tree depth...
CVE-2024-44073
CVE-2024-44073 affects the Miniscript (rust-miniscript) library for Rust, with versions prior to 12.2.0. The issue is a stack consumption vulnerability caused by improper tracking of tree depth in the Miniscript parser/engine. Impact is described as stack exhaustion, with an overall CVSSv3.1 base...