Lucene search
K

188 matches found

CNNVD
CNNVD
added 2020/12/31 12:0 a.m.6 views

Rust Security Vulnerabilities

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust tokio-rustls crate before 0.13.1, which stems from the possibility of excessive memory usage when data arrives quickly...

7.5CVSS5.8AI score0.01336EPSS
Exploits0References2
RustSec
RustSec
added 2020/05/19 12:0 p.m.18 views

tokio-rustls reads may cause excessive memory usage

tokio-rustls does not call processnewpackets immediately after read, so the expected termination condition wantsread always returns true. As long as new incoming data arrives faster than it is processed and the reader does not return pending, data will be buffered. This may cause DoS...

7.5CVSS2.2AI score0.01336EPSS
Exploits0Affected Software1
OSV
OSV
added 2020/05/19 12:0 p.m.23 views

RUSTSEC-2020-0019 tokio-rustls reads may cause excessive memory usage

tokio-rustls does not call processnewpackets immediately after read, so the expected termination condition wantsread always returns true. As long as new incoming data arrives faster than it is processed and the reader does not return pending, data will be buffered. This may cause DoS...

7.5CVSS7.5AI score0.01336EPSS
Exploits0References3
NVD
NVD
added 2019/08/26 12:15 p.m.12 views

CVE-2019-15541

rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service loop of connevent and ready by arranging for a client to never be writable...

7.5CVSS7.4AI score0.02233EPSS
Exploits1References3
OSV
OSV
added 2019/08/26 12:15 p.m.12 views

CVE-2019-15541

rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service loop of connevent and ready by arranging for a client to never be writable...

7.5CVSS7AI score
Exploits0References3
Prion
Prion
added 2019/08/26 12:15 p.m.13 views

Design/Logic Flaw

rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service loop of connevent and ready by arranging for a client to never be writable...

5CVSS7.3AI score0.02233EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2019/08/26 11:49 a.m.14 views

CVE-2019-15541

rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service loop of connevent and ready by arranging for a client to never be writable...

7.4AI score0.02233EPSS
Exploits1References3
CVE
CVE
added 2019/08/26 11:49 a.m.40 views

CVE-2019-15541

CVE-2019-15541 concerns rustls-mio/tlsserver.rs in the rustls crate prior to 0.16.0. The root cause is a denial-of-service condition caused by a loop between conn_event and ready when a client is never writable, enabling an attacker to stall connections. Affected component: rustls-mio (Rust). Imp...

7.5CVSS7.3AI score0.02233EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder