RUSTSEC-2020-0002: Parsing a specially crafted message can result in a stack overflow #54
Labels
State: wontfix
This will not be worked on
Comments
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. If you think this is an important issue, notify it directly by email to: contacto@bitcoinvenezuela.com |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
prost0.5.0>=0.6.1Affected versions of this crate contained a bug in which decoding untrusted
input could overflow the stack.
On architectures with stack probes (like x86), this can be used for denial of
service attacks, while on architectures without stack probes (like ARM)
overflowing the stack is unsound and can result in potential memory corruption
(or even RCE).
The flaw was quickly corrected by @danburkert and released in version 0.6.1.
See advisory page for additional details.
The text was updated successfully, but these errors were encountered: