Описание
Crash due to uncontrolled recursion in protobuf crate
Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input.
This allows an attacker to cause a stack overflow when parsing the message on untrusted data.
Пакеты
protobuf
< 3.7.2
3.7.2
Связанные уязвимости
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion ...