CVE-2024-58254
- EPSS -
- Veröffentlicht 05.07.2025 00:00:00
- Zuletzt bearbeitet 05.07.2025 04:15:27
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-11738. Reason: This candidate is a duplicate of CVE-2024-11738. Notes: All CVE users should reference CVE-2024-11738 instead of this candidate. All references and descriptions in...
CVE-2024-11738
- EPSS 0.22%
- Veröffentlicht 06.12.2024 15:15:07
- Zuletzt bearbeitet 29.07.2025 19:22:23
A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service (panic) via a fragmented TLS ClientHello message.
CVE-2024-32650
- EPSS 0.04%
- Veröffentlicht 19.04.2024 16:15:10
- Zuletzt bearbeitet 21.11.2024 09:15:23
Rustls is a modern TLS library written in Rust. `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input. When using a blocking rustls server, if a client send a `close_notify` message immediately after `client_...
CVE-2019-15541
- EPSS 0.48%
- Veröffentlicht 26.08.2019 12:15:11
- Zuletzt bearbeitet 21.11.2024 04:28:58
rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service (loop of conn_event and ready) by arranging for a client to never be writable.