Описание
Uncontrolled Resource Consumption in parse_duration
An issue was discovered in the parse_duration crate through 2021-03-18 for Rust. It allows attackers to cause a denial of service (CPU and memory consumption) via a duration string with a large exponent.
Пакеты
Наименование
parse_duration
rust
Затронутые версииВерсия исправления
<= 2.1.1
Отсутствует
Связанные уязвимости
CVSS3: 7.5
nvd
почти 5 лет назад
An issue was discovered in the parse_duration crate through 2021-03-18 for Rust. It allows attackers to cause a denial of service (CPU and memory consumption) via a duration string with a large exponent.