Описание
SwiftNIO SSL arbitrary code execution vulnerability
A SwiftNIO application using TLS may be able to execute arbitrary code. The issue was addressed by signaling that an executable stack is not required. This issue is fixed in SwiftNIO SSL 2.4.1.
Пакеты
Наименование
github.com/apple/swift-nio-ssl
Затронутые версииВерсия исправления
>= 2.0.0, < 2.4.1
2.4.1
Связанные уязвимости
CVSS3: 9.8
nvd
около 6 лет назад
The issue was addressed by signaling that an executable stack is not required. This issue is fixed in SwiftNIO SSL 2.4.1. A SwiftNIO application using TLS may be able to execute arbitrary code.