The rosenpass crate before 0.2.1 for Rust allows remote attackers to cause a denial of service (panic) via a one-byte UDP packet.
The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Rosenpass | Rosenpass | * | 0.2.1 (excluding) |