CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

NVD•added 2022/07/22 4:15 a.m.•9 views

CVE-2022-31162

Slack Morphism is an async client library for Rust. Prior to 0.41.0, it was possible for Slack OAuth client information to leak in application debug logs. Stricter and more secure debug formatting was introduced in v0.41.0 for OAuth secret types to reduce the possibility of printing sensitive...

7.5CVSS0.00391EPSS

Exploits0References2

OSV•added 2019/12/04 4:15 p.m.•15 views

CVE-2019-11923

In Mcrouter prior to v0.41.0, the deprecated ASCII parser would allocate a buffer to a user-specified length with no maximum length enforced, allowing for resource exhaustion or denial of service...

7.5CVSS7AI score0.00642EPSS

Exploits0References3

Prion•added 2019/12/04 4:15 p.m.•23 views

Denial of service

In Mcrouter prior to v0.41.0, the deprecated ASCII parser would allocate a buffer to a user-specified length with no maximum length enforced, allowing for resource exhaustion or denial of service...

5CVSS7.6AI score0.00642EPSS

Exploits0References3Affected Software1

Prion•added 2019/12/04 4:15 p.m.•9 views

Denial of service

In Mcrouter prior to v0.41.0, a large struct input provided to the Carbon protocol reader could result in stack exhaustion and denial of service...

5CVSS7.4AI score0.00642EPSS

Exploits0References3Affected Software1