GHSA-5873-6FWQ-463F stellar-strkey vulnerable to panic in SignedPayload::from_payload

Impact Panic vulnerability when a specially crafted payload is used. This is because of the following calculation: rust innerpayloadlen + 4 - innerpayloadlen % 4 % 4 If innerpayloadlen is 0xffffffff, 4 - innerpayloadlen % 4 % 4 = 1 so rust innerpayloadlen + 4 - innerpayloadlen % 4 % 4 = u32::MAX ...

PT-2023-29868 · Unknown · Rs-Stellar-Strkey

Name of the Vulnerable Software and Affected Versions: rs-stellar-strkey versions prior to 0.0.8 Description: A panic vulnerability occurs when a specially crafted payload is used, due to an issue with the inner payload len variable. This variable should not be above 64. The vulnerability is caus...