7 matches found
EUVD-2024-54824
Malicious code in bioql PyPI...
DEBIAN-CVE-2024-58265
The snow crate before 0.9.5 for Rust, when stateful TransportState is used, allows incrementing a nonce and thereby denying message delivery...
UBUNTU-CVE-2024-58265
The snow crate before 0.9.5 for Rust, when stateful TransportState is used, allows incrementing a nonce and thereby denying message delivery...
snow crate 安全漏洞
snow crate is a Rust implementation of the Noise Protocol Framework by the individual developer Jake McGinty. A security vulnerability exists in snow crate versions prior to 0.9.5, which stems from the use of stateful TransportState that can lead to message delivery rejection...
GHSA-7G9J-G5JG-3VV3 Unauthenticated Nonce Increment in snow
Impact There was a logic bug where unauthenticated payloads could still cause a nonce increment in snow's internal state. For an attacker with the ability to inject packets into the channel Noise is talking over, this allows a denial-of-service type attack which could prevent communication as it...
Unauthenticated Nonce Increment in snow
Impact There was a logic bug where unauthenticated payloads could still cause a nonce increment in snow's internal state. For an attacker with the ability to inject packets into the channel Noise is talking over, this allows a denial-of-service type attack which could prevent communication as it...
RUSTSEC-2024-0011 Unauthenticated Nonce Increment in snow
There was a logic bug where unauthenticated payloads could still cause a nonce increment in snow's internal state. For an attacker with privileges to inject packets into the channel over which the Noise session operates, this could allow a denial-of-service attack which could prevent message...