OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
9a304ea2c69c825c42bcda6bab843c19cf0db6ce
advisory-db/crates/protobuf/RUSTSEC-2019-0003.toml
Tony Arcieri 01ac6725d5 Fix all advisories to pass linter 
Mostly related to the `affected_functions` field, which has changed a
few times.
2019-09-09 12:19:01 -07:00

19 lines
594 B
TOML
Raw Blame History

[advisory]
id = "RUSTSEC-2019-0003"
package = "protobuf"
date = "2019-06-08"
title = "Out of Memory in stream::read_raw_bytes_into()"
description = """
Affected versions of this crate called Vec::reserve() on user-supplied input.
This allows an attacker to cause an Out of Memory condition while calling the
vulnerable method on untrusted data.
"""
url = "https://github.com/stepancheg/rust-protobuf/issues/411"
categories = ["denial-of-service"]
keywords = ["oom", "panic"]
patched_versions = ["^1.7.5", ">= 2.6.0"]
[affected.functions]
"protobuf::stream::read_raw_bytes_into" = ["< 2.6.0"]
Reference in New Issue View Git Blame Copy Permalink