Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Rust\-Websocket
(Rust\-Websocket_project)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 1 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-08-01 | CVE-2022-35922 | Rust-WebSocket is a WebSocket (RFC6455) library written in Rust. In versions prior to 0.26.5 untrusted websocket connections can cause an out-of-memory (OOM) process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allocate a buffer based on the declared dataframe size, which may come from an untrusted source. When `Vec::with_capacity` fails to allocate, the default Rust allocator will abort the current process, killing all... | Fedora, Rust\-Websocket | 7.5 |