2 matches found
PT-2024-40267 · Pypi · Pyo3
Name of the Vulnerable Software and Affected Versions: PyO3 versions prior to 0.23 Description: The issue concerns a family of functions in PyO3 that read "borrowed" values from Python weak references. These functions were fundamentally unsound because the weak reference does not have ownership o...
PT-2024-24744
Name of the Vulnerable Software and Affected Versions rustls versions prior to 0.21.11 rustls versions prior to 0.22.4 rustls versions prior to 0.23.5 Description The rustls::ConnectionCommon::complete io function could fall into an infinite loop based on network input. When using a blocking rust...