Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
time affected by a stack exhaustion denial of service attack
Vulnerability Description
time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary, non-malicious input will never encounter this scenario. A limit to the depth of recursion was added in v0.3.47. From this version, an error will be returned rather than exhausting the stack.
CVSS Information
N/A
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
time 安全漏洞
Vulnerability Description
time是Time开源的一个Rust中的日期和时间处理包。 time 0.3.6至0.3.47之前版本存在安全漏洞,该漏洞源于当用户提供的输入提供给任何使用RFC 2822格式解析的类型时,可能通过堆栈耗尽导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A