9 matches found
CVE-2026-29795
stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...
CVE-2026-29795
stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...
CVE-2026-29795
stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...
CVE-2026-29795 stellar-xdr: `StringM::from_str` bypasses max length validation
stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...
CVE-2026-29795 stellar-xdr: `StringM::from_str` bypasses max length validation
stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...
CVE-2026-29795
CVE-2026-29795 affects the stellar-xdr crate (StringM::from_str bypasses the max length validation). Affected: versions prior to 25.0.1. Root cause: input strings longer than MAX are accepted, producing StringM with violated length invariant. Impact: potential propagation through serialization/va...
stellar-xdr 安全漏洞
Stellar-xdr is an open-source data format processing library developed by Stellar. Versions of Stellar-xdr prior to 25.0.1 contained security vulnerabilities. These vulnerabilities stemmed from StringM::fromstr not verifying that the input length was within the declared maximum value, allowing fo...
GHSA-X57H-XX53-V53W stellar-xdr's StringM::from_str bypasses max length validation
Impact StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns an Ok value instead of ErrError::LengthExceedsMax, producing a StringM that violates its length invariant. This affec...
stellar-xdr's StringM::from_str bypasses max length validation
Impact StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns an Ok value instead of ErrError::LengthExceedsMax, producing a StringM that violates its length invariant. This affec...