Lucene search
K

188 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/02 12:0 a.m.6 views

Fedora 39 : glycin-loaders / gnome-tour / helix / helvum / libipuz / librsvg2 / etc (2024-40ee18b2e7)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-40ee18b2e7 advisory. This update contains builds from a mini-mass-rebuild for Rust applications and some C-style libraries. Rebuilding with the Rust 1.78 toolchain should fix...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/28 12:0 a.m.11 views

Fedora 40 : glycin-loaders / gnome-tour / helix / helvum / libipuz / loupe / etc (2024-ce2936b568)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-ce2936b568 advisory. This update contains builds from a mini-mass-rebuild for Rust applications and some C-style libraries. Rebuilding with the Rust 1.78 toolchain should fix...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/21 12:0 a.m.16 views

openSUSE 15 Security Update : git-cliff (openSUSE-SU-2024:0130-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0130-1 advisory. - Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. When usin...

7.5CVSS5.5AI score0.00949EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/05/19 12:0 a.m.23 views

openSUSE Security Advisory (openSUSE-SU-2024:0130-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.00949EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/04/23 1:44 a.m.5 views

SUSE CVE-2024-32650

Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. When using a blocking rustls server, if a client send a closenotify message immediately after clienthello, the server's completeio will get in an infinite...

7.5CVSS6.8AI score0.00949EPSS
Exploits0References9
vulnersOsv
vulnersOsv
added 2024/04/19 7:46 p.m.7 views

rustls-ffi (=0.10.0) potentially affected by CVE-2024-32650 via rustls (=0.21.0)

rustls CARGO version =0.21.0 is affected by a known vulnerability. The following packages have a transitive dependency on rustls and may be impacted: - rustls-ffi =0.10.0 Source cves: CVE-2024-32650 Source advisory: OSV:GHSA-6G7W-8WPP-FRHJ...

7.5CVSS5.8AI score0.00949EPSS
Exploits0
OSV
OSV
added 2024/04/19 7:46 p.m.25 views

GHSA-6G7W-8WPP-FRHJ Denial of Service Vulnerability in Rustls Library

Summary rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. Details Verified at 0.22 and 0.23 rustls, but 0.21 and 0.20 release lines are also affected. tokio-rustls and rustls-ffi do not call completeio and are not affected. rustls::Stream and...

7.5CVSS7.2AI score0.00949EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2024/04/19 7:46 p.m.24 views

Denial of Service Vulnerability in Rustls Library

Summary rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. Details Verified at 0.22 and 0.23 rustls, but 0.21 and 0.20 release lines are also affected. tokio-rustls and rustls-ffi do not call completeio and are not affected. rustls::Stream and...

7.5CVSS7.3AI score0.00949EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2024/04/19 4:15 p.m.2 views

DEBIAN-CVE-2024-32650

Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. When using a blocking rustls server, if a client send a closenotify message immediately after clienthello, the server's completeio will get in an infinite...

7.5CVSS5.3AI score0.00949EPSS
Exploits0References1
NVD
NVD
added 2024/04/19 4:15 p.m.13 views

CVE-2024-32650

Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. When using a blocking rustls server, if a client send a closenotify message immediately after clienthello, the server's completeio will get in an infinite...

7.5CVSS7.3AI score0.00949EPSS
Exploits0References4
OSV
OSV
added 2024/04/19 4:15 p.m.4 views

UBUNTU-CVE-2024-32650

Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. When using a blocking rustls server, if a client send a closenotify message immediately after clienthello, the server's completeio will get in an infinite...

7.5CVSS5.8AI score0.00949EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/04/19 4:15 p.m.22 views

CVE-2024-32650

Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. When using a blocking rustls server, if a client send a closenotify message immediately after clienthello, the server's completeio will get in an infinite...

7.5CVSS5.9AI score0.00949EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/19 4:5 p.m.10 views

CVE-2024-32650 Rustls vulnerable to an infinite loop in rustls::conn::ConnectionCommon::complete_io() with proper client input

Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. When using a blocking rustls server, if a client send a closenotify message immediately after clienthello, the server's completeio will get in an infinite...

7.5CVSS6.6AI score0.00949EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/04/19 4:5 p.m.26 views

CVE-2024-32650 Rustls vulnerable to an infinite loop in rustls::conn::ConnectionCommon::complete_io() with proper client input

Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. When using a blocking rustls server, if a client send a closenotify message immediately after clienthello, the server's completeio will get in an infinite...

7.5CVSS7.5AI score0.00949EPSS
Exploits0References4
OSV
OSV
added 2024/04/19 4:5 p.m.11 views

CVE-2024-32650 Rustls vulnerable to an infinite loop in rustls::conn::ConnectionCommon::complete_io() with proper client input

Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. When using a blocking rustls server, if a client send a closenotify message immediately after clienthello, the server's completeio will get in an infinite...

7.5CVSS7.1AI score0.00949EPSS
Exploits0References6
CVE
CVE
added 2024/04/19 4:5 p.m.298 views

CVE-2024-32650

CVE-2024-32650 affects rustls:complete_io in a blocking rustls server can enter an infinite loop if a client sends close_notify right after client_hello, leading to a denial of service. Fixes exist in rustls releases 0.23.5, 0.22.4, and 0.21.11. Remediation is to upgrade to one of these versions ...

7.5CVSS6.4AI score0.00949EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/04/19 4:5 p.m.17 views

CVE-2024-32650

Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall into an infinite loop based on network input. When using a blocking rustls server, if a client send a closenotify message immediately after clienthello, the server's completeio will get in an infinite...

7.5CVSS7.3AI score0.00949EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/04/19 12:0 p.m.4 views

AskAI (=0.1.0), ISP-SDK (>=0.1.0 <=0.2.3) +3844 more potentially affected by CVE-2024-32650 via rustls (>=0.12.0 <=0.21.0)

rustls CARGO version =0.12.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.2.0-beta.4, =0.21.0-alpha.1, =0.1.1, =0.11.0, =0.0.1, =0.0.7-alpha.3, =0.0.7-alpha.2, =0.0.7-alpha.1, =0.0.7-alpha.3, =0.11.3, =0.14.2 and more Source cves: CVE-2024-32650 Source advisory: OSV:RUSTSEC-2024-0336...

7.5CVSS5.7AI score0.00949EPSS
Exploits0
OSV
OSV
added 2024/04/19 12:0 p.m.21 views

RUSTSEC-2024-0336 `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input

If a closenotify alert is received during a handshake, completeio does not terminate. Callers which do not call completeio are not affected. rustls-tokio and rustls-ffi do not call completeio and are not affected. rustls::Stream and rustls::StreamOwned types use completeio and are affected...

7.5CVSS7.3AI score0.00949EPSS
Exploits0References3
RustSec
RustSec
added 2024/04/19 12:0 p.m.5 views

`rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input

If a closenotify alert is received during a handshake, completeio does not terminate. Callers which do not call completeio are not affected. rustls-tokio and rustls-ffi do not call completeio and are not affected. rustls::Stream and rustls::StreamOwned types use completeio and are affected...

7.5CVSS7.1AI score0.00949EPSS
Exploits0Affected Software1
Rows per page
Query Builder