Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Salvo Affected by Denial of Service via Unbounded Memory Allocation in Form Data Parsing
Vulnerability Description
Salvo is a Rust web framework. Prior to version 0.89.3, Salvo's form data parsing implementations (`form_data()` method and `Extractible` macro) do not enforce payload size limits before reading request bodies into memory. This allows attackers to cause Out-of-Memory (OOM) conditions by sending extremely large payloads, leading to service crashes and denial of service. Version 0.89.3 contains a patch.
CVSS Information
N/A
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
salvo 安全漏洞
Vulnerability Description
salvo是Salvo开源的一个web框架。 salvo 0.89.3之前版本存在安全漏洞,该漏洞源于表单数据解析实现未强制执行有效载荷大小限制,可能导致发送超大负载时引发内存耗尽和服务崩溃。
CVSS Information
N/A
Vulnerability Type
N/A