188 matches found
Rust Security Vulnerabilities
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust tokio-rustls crate before 0.13.1, which stems from the possibility of excessive memory usage when data arrives quickly...
tokio-rustls reads may cause excessive memory usage
tokio-rustls does not call processnewpackets immediately after read, so the expected termination condition wantsread always returns true. As long as new incoming data arrives faster than it is processed and the reader does not return pending, data will be buffered. This may cause DoS...
RUSTSEC-2020-0019 tokio-rustls reads may cause excessive memory usage
tokio-rustls does not call processnewpackets immediately after read, so the expected termination condition wantsread always returns true. As long as new incoming data arrives faster than it is processed and the reader does not return pending, data will be buffered. This may cause DoS...
CVE-2019-15541
rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service loop of connevent and ready by arranging for a client to never be writable...
CVE-2019-15541
rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service loop of connevent and ready by arranging for a client to never be writable...
Design/Logic Flaw
rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service loop of connevent and ready by arranging for a client to never be writable...
CVE-2019-15541
rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service loop of connevent and ready by arranging for a client to never be writable...
CVE-2019-15541
CVE-2019-15541 concerns rustls-mio/tlsserver.rs in the rustls crate prior to 0.16.0. The root cause is a denial-of-service condition caused by a loop between conn_event and ready when a client is never writable, enabling an attacker to stall connections. Affected component: rustls-mio (Rust). Imp...