Linux Distros Unpatched Vulnerability : CVE-2024-11738

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message. CVE-2024-11738...

CVE-2024-58254

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-11738. Reason: This candidate is a duplicate of CVE-2024-11738. Notes: All CVE users should reference CVE-2024-11738 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

UBUNTU-CVE-2024-11738

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...

Rustls 安全漏洞

Rustls is a modern TLS library in Rust open-sourced by Rustls. A security vulnerability exists in Rustls version 0.23.13 that stems from allowing denial of service via fragmented TLS ClientHello messages...

PT-2024-17221

Name of the Vulnerable Software and Affected Versions Rustls version 0.23.13 Description A flaw was found in Rustls and related APIs, allowing denial of service panic via a fragmented TLS ClientHello message. Recommendations For Rustls version 0.23.13, consider disabling the handling of fragmente...

PT-2024-40945 · Unknown +1 · Tokio-Rustls +2

Name of the Vulnerable Software and Affected Versions: rustls version 0.23.13 Description: A bug in rustls leads to a panic if the received TLS ClientHello is fragmented. This issue affects servers using rustls::server::Acceptor::accept and tokio-rustls's LazyConfigAcceptor API, but not those usi...