Lucene search

K

Veracode Vulnerability DatabaseVERACODE:32804

HistoryNov 05, 2021 - 1:37 a.m.

Denial Of Service (DoS)

2021-11-0501:37:30

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

11

8.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

rust:edge is vulnerable to denial of service. The vulnerability exists as it permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters causing an application crash.

CPENameOperatorVersion
rust:edgeeq1.51.0-r1
rust:edgeeq1.43.1-r0
rust:edgeeq1.52.1-r1
rust:edgeeq1.50.0-r1
rust:edgeeq1.42.0-r0
rust:edgeeq1.55.0-r2
rust:edgeeq1.55.0-r3
rust:edgeeq1.52.1-r0
rust:edgeeq1.50.0-r0
rust:edgeeq1.41.1-r0

Rows per page:

1-10 of 1761

References

www.openwall.com/lists/oss-security/2021/11/01/1

www.openwall.com/lists/oss-security/2021/11/01/4

www.openwall.com/lists/oss-security/2021/11/01/5

www.openwall.com/lists/oss-security/2021/11/01/6

www.openwall.com/lists/oss-security/2021/11/02/10

www.unicode.org/versions/Unicode14.0.0/

lists.fedoraproject.org/archives/list/[email protected]/message/IH2RG5YTR6ZZOLUV3EUPZEIJR7XHJLVD/

lists.fedoraproject.org/archives/list/[email protected]/message/LQNTFF24ROHLVPLUOEISBN3F7QM27L4U/

lists.fedoraproject.org/archives/list/[email protected]/message/QUPA37D57VPTDLSXOOGF4UXUEADOC4PQ/

secdb.alpinelinux.org/edge/community.yaml

security.gentoo.org/glsa/202210-09

trojansource.codes

www.kb.cert.org/vuls/id/999008

www.scyon.nl/post/trojans-in-your-source-code

www.starwindsoftware.com/security/sw-20220804-0002/

www.unicode.org/reports/tr31/

www.unicode.org/reports/tr36/

www.unicode.org/reports/tr39/

www.unicode.org/reports/tr9/tr9-44.html#HL4

8.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

Related for VERACODE:32804

nessus91 atlassian12 oraclelinux12 ubuntucve1 osv20 openvas8 redhat24 mageia1 almalinux8 rocky7 alpinelinux1 amazon1 githubexploit4 fedora3 centos1 debiancve1 cve1 f51 prion1 photon1